ASA 5510 IPS Module Simple Question

Answered Question
Jul 3rd, 2013
User Badges:

I have a 5510 and am going to install the AIP10SP-K9 SSM module and am wondering what the gigabit port that comes on this is used for? Is it just for remote management?


thanks.

Correct Answer by Karsten Iwen about 4 years 1 month ago

Yes, you are right with your assumption. This is the Command & Control-Port where you assign an IP-address and where you access your IPS with SSH and IDM. SDEE events are communicated through this interface. So this port has to be connected for example to your management-VLAN.



-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Karsten Iwen Wed, 07/03/2013 - 13:13
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 Firewalling, VPN

Yes, you are right with your assumption. This is the Command & Control-Port where you assign an IP-address and where you access your IPS with SSH and IDM. SDEE events are communicated through this interface. So this port has to be connected for example to your management-VLAN.



-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Jesse Shumaker Wed, 07/03/2013 - 16:10
User Badges:

I think I got confused because I figured I could just go in via the ASA via the session 1 command and do all my configuration there. why do I need another management port since it's all in the same device.


thanks though

Karsten Iwen Wed, 07/03/2013 - 20:56
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 Firewalling, VPN

well, with the "session" command you only get that what is the serial console on other devices. But you can't use that to access the graphical user-interface.


And: The IPS and the ASA is *not* the "same device". They are two devices that just share the same chassis. But they are completely independent devices that are connected by a common backplane.



-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Actions

This Discussion