Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA and CSC -SSM

Hi, I have a question about the physical setup of both of these. I have an ASA which is my internet firewall and the CSC-SSM. The inside of the internet firewall is connected to a Private DMZ. I have also connected the management of the CSC-SSM to this private DMZ. I have another firewall also connected to this private DMZ which links to the inside Network. If I make the inside of the ASA the default gateway for the CSC SSM, I cannot manage the CSC-SSM. Traffic is going to it from the inside network but it doesn't get back. If I make the firewall linking the private DMZ and inside network the default gateway, I can manage the CSC-SSM but the updates don't work correctly (i.e. it will only download some updates) Anybody any suggestions how they connected theirs up?

3 REPLIES
Community Member

Re: ASA and CSC -SSM

Hi,

How about configuring source NAT for your clients that will manage the CSC-SSM in the inside firewall and having the default gateway pointing to internet firewall?

Anthony

Community Member

Re: ASA and CSC -SSM

Thanks for the reply Anthony. Unfortunately we are not natting on the inside firewall and it would require a big change of infrastructure to implement something like that.

Community Member

Re: ASA and CSC -SSM

Just an update if anybody else is working with these. I put the Management of the CSC SSM on the inside network and it worked fine. There is no routing table on the CSC SSM.

316
Views
0
Helpful
3
Replies
CreatePlease to create content