Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA -AIP-SSM20

Hello,

Will the configs will replicate to the AIP-SSM 20 from primary ASA to Secondary ASA with AIP-SSM20,  OR failover only replicates the ASA configs.

If so it is only replicating the ASA configs then what we shld do to replicate configs from primary AIP-SSM20 to Secondary AIP-SSM20,????

Is there any method or manual copy/paste from 1 AIP-SSM20 to another.

Thanks,

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ASA -AIP-SSM20

The AIP module interface needs to be connected to a port on the switch. The port on the switch has to be on the same vlan, to which the

ip address/subnet you assigned to the AIP module belongs to.

You use IDM or IEV to connect to the AIP via the ip address you assigned to the AIP, and it's path is through the port on the AIP module (not the ASA)

Regards,

6 REPLIES
Cisco Employee

Re: ASA -AIP-SSM20

Failover only replicates ASA configs and conn states.

Unfortunately, the AIPs do not replicate configs.

I hope it helps.

PK

New Member

Re: ASA -AIP-SSM20

Hello Dear,

Thanks for ur reply for above query,another question:

Is it so i have to connect the AIP management0/0 port to core switch OR without connecting also i can telnet to IPS i hope traffic will travel by ASA, ?????

Message was edited by: thomasandy32

Cisco Employee

Re: ASA -AIP-SSM20

The management interface of the AIP is for management and upgrades.

You can configure it from the ASA by doing "session 1" on the ASA CLI.

PK

New Member

Re: ASA -AIP-SSM20

Hello,

Do the management interface on AIP-SSM 20 should be connected to core switch,because the IP what i specify is not reacheable from inside network, if i dont conenct a cable to core switch,

1) I used the inside interface subnet for the AIP-SSM management0/0 and allowed the subnet in access-list without connecting a cable to core it is not reacheable.

Cisco Employee

Re: ASA -AIP-SSM20

The AIP module interface needs to be connected to a port on the switch. The port on the switch has to be on the same vlan, to which the

ip address/subnet you assigned to the AIP module belongs to.

You use IDM or IEV to connect to the AIP via the ip address you assigned to the AIP, and it's path is through the port on the AIP module (not the ASA)

Regards,

Super Bronze

Re: ASA -AIP-SSM20

For management to the AIP module, the management interface on the AIP module itself needs to be connected to your network (core switch) and configured in the correct VLAN, and the AIP module needs to be configured with an ip address in that VLAN which is accessible from your internal network.

Hope that helps.

465
Views
0
Helpful
6
Replies