Cisco Support Community

Silver

AIP-SSM Int gig0/0

Looking for an explanation of the gig0/0 interface in the AIP-SSM-20. The ASA runs 8.2 and the IPS runs 6.2.

The documentation I'm reading doesn't mention it at all. I want a management interface separate from the default connection between the ASA and the IPS module.

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: AIP-SSM Int gig0/0

M0/0 is the only interface you would configure an IP address on. That would be used for the management traffic.

You do not configure any IP on G0/0 or G0/1 as the traffic that is to be inspected flows from the ASA to the module internally. You just define the policy-map on ASA to identify the traffic that flows to the module for inspection.

Check this link for details:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807335ca.shtml
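
The split described in this answer, as an added configuration example that is not part of the original post: the sensor gets an address only on its command-and-control interface, and the ASA diverts traffic to the module over the backplane through a policy-map. The names IPS_TRAFFIC and IPS_CLASS, the match-everything ACL, the gateway 192.168.1.1 and the permitted management subnet are assumptions; the address 192.168.1.87/24 is the one a later poster in this thread assigns to the sensor.

```text
! ---- On the AIP-SSM sensor CLI (reached with "session 1" from the ASA) ----
! Only the command-and-control interface (Management0/0) carries an IP address.
! host-ip format: address/prefix,default-gateway (gateway is an assumed value)
configure terminal
 service host
  network-settings
   host-ip 192.168.1.87/24,192.168.1.1
   ! Restrict which hosts may manage the sensor (assumed management subnet)
   access-list 192.168.1.0/24
   exit
  exit
! Answer "yes" at the "Apply Changes?" prompt when leaving service host.

! ---- On the ASA (8.2) ----
! Select the traffic to inspect. Permitting all IP is an assumption; narrow
! the ACL to the flows that actually need inspection.
access-list IPS_TRAFFIC extended permit ip any any
!
class-map IPS_CLASS
 match access-list IPS_TRAFFIC
!
policy-map global_policy
 class IPS_CLASS
  ! inline      : the module sits in the forwarding path
  ! promiscuous : the module receives a copy of the traffic only
  ! fail-open   : traffic passes uninspected if the module is down
  ! fail-close  : traffic is dropped if the module is down
  ips inline fail-open
!
service-policy global_policy global
!
! ---- Verification on the ASA ----
! Module state should be "Up"; the class should show packets being matched.
show module 1 details
show service-policy
```

No IP address is configured on the sensing interface in either half of this example; inspected traffic reaches the module internally once the service policy is applied.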

12 REPLIES
New Member

Re: AIP-SSM Int gig0/0

Silver

Re: AIP-SSM Int gig0/0

Thanks for the reply.

This is for an AIP-SSM-20.

The Management interface for the module has what designation, gig0/0?

This IP address is different from the backplane default being used by the module to communicate with the ASA, correct?

The management interface is accessed via a physical port on the module itself, correct?

This same physical interface on the module is the reporting ip address being used when adding the sensor to MARS, correct?

New Member

Re: AIP-SSM Int gig0/0

GigabitEthernet0/1

Yes, the IP address is different. The physical port G0/1 is only used for management. The IP on the G0/1 of the module may be in the same subnet as the management interface of the ASA. Also, you need to define a default gateway for the module. Whatever IP you configure for G0/1 would be used by MARS.

Silver

Re: AIP-SSM Int gig0/0

Hi Tanveer,

Thanks for the detailed response.

I believe that I was confusing the different modules.

Here is one last question from the setup command and the advanced configuration:

Management0/0 and gigabit 0/1 are given different IP addresses, correct? We want to use the same management VLAN used by all networking devices. Does the gig0/1 have a different IP, and is it the interface which connects to the ASA over the backplane?

Modify interface/virtual sensor configuration?[no]: yes

Current interface configuration

Command control: Management0/0

Unassigned:

Monitored:

GigabitEthernet0/1

Thank you in advance!

New Member

Re: AIP-SSM Int gig0/0

Hi Tanveer,

This is Yugandhar.

We are also having the same confusion. If we assign a management IP to the Cisco ASA and the IPS, what will be the gateway? Because we are using a different network in the LAN, correct? We have a VLAN and DMZ environment. Can you please explain clearly about the physical connection? We configured the ASA and AIP-SSM-20 but we are not able to see any traffic. Please help me with this.

Please find the attached sensor configuration also.

Regards,

Yugandhar. M

New Member

Re: AIP-SSM Int gig0/0

Hi Tanveer,

We did not configure any management IP on the Management interface.

Regards,

Yugandhar. M

New Member

Re: AIP-SSM Int gig0/0

Hi Tanveer,

We did not configure any management IP on the Management interface on the Cisco ASA 5510.

Regards,

Yugandhar. M

New Member

Re: AIP-SSM Int gig0/0

The traffic that the ASA forwards to the AIP-SSM module for inspection is sent internally and does not use the management interface. The management interface is only to monitor/manage the module.

New Member

Re: AIP-SSM Int gig0/0

Thank you, Tanveer.

I connected the Management interface to my local LAN to access the sensor and assigned the sensor IP address as 192.168.1.87/24, and I am accessing the AIP-SSM through ASDM using this IP only, but I am able to send the traffic to the AIP-SSM.

One more question, Tanveer. I am able to send the traffic to the AIP-SSM because of the service policy written in the ASA. Then I tried to block Yahoo HTTP-Proxy chat by using an IPS signature. It is showing a denied message in the event viewer but it is not blocking. Please help me with this. Please find the attached screenshot also.

Regards,

Yugandhar. M

New Member

Re: AIP-SSM Int gig0/0

Once you identify the signature and its ID number, you will need to Edit the signature and choose the drop action. The default action may be to produce alert only.
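
The signature edit described in this reply, as an added sensor CLI example that is not part of the original post. The thread does not name the signature, so `<SIG_ID>`, `<SUBSIG_ID>` and `<engine>` are placeholders; `sig0` is the default signature-definition name on IPS 6.x. Inline deny actions only act on live traffic when the ASA sends it to the module with `ips inline`; under `ips promiscuous` the sensor sees a copy and can only alert.

```text
! ---- On the AIP-SSM sensor CLI ----
! <SIG_ID> <SUBSIG_ID> : the signature that fired in the event viewer
! <engine>             : the engine that signature belongs to (placeholder)
configure terminal
 service signature-definition sig0
  signatures <SIG_ID> <SUBSIG_ID>
   engine <engine>
    ! Keep the alert and add an inline drop. Actions are joined with "|".
    ! deny-packet-inline     : drop the offending packet
    ! deny-connection-inline : drop this packet and the rest of the TCP flow
    event-action produce-alert|deny-packet-inline
    exit
   ! Make sure the signature is enabled and not retired
   status
    enabled true
    retired false
    exit
   exit
  exit
! Answer "yes" at the "Apply Changes?" prompt.

! ---- On the ASA: confirm the diversion mode ----
! The class that sends traffic to the module must read "ips inline ..."
! for the deny action above to drop packets.
show running-config policy-map
```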
