Solved: ASA 5510 IPS Module Simple Question

Jesse Shumaker · ‎07-03-2013

I have a 5510 and am going to install the AIP10SP-K9 SSM module and am wondering what the gigabit port that comes on this is used for? Is it just for remote management?

thanks.

Karsten Iwen · ‎07-03-2013

Yes, you are right with your assumption. This is the Command & Control-Port where you assign an IP-address and where you access your IPS with SSH and IDM. SDEE events are communicated through this interface. So this port has to be connected for example to your management-VLAN.

--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post

Karsten Iwen · ‎07-03-2013

Yes, you are right with your assumption. This is the Command & Control-Port where you assign an IP-address and where you access your IPS with SSH and IDM. SDEE events are communicated through this interface. So this port has to be connected for example to your management-VLAN.

--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Jesse Shumaker · ‎07-03-2013

I think I got confused because I figured I could just go in via the ASA via the session 1 command and do all my configuration there. why do I need another management port since it's all in the same device.

thanks though

Karsten Iwen · ‎07-03-2013

well, with the "session" command you only get that what is the serial console on other devices. But you can't use that to access the graphical user-interface.

And: The IPS and the ASA is *not* the "same device". They are two devices that just share the same chassis. But they are completely independent devices that are connected by a common backplane.

--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

pankaj29in · ‎07-04-2013