Solved: ASA 5525 IPS

CSCO11209280 · ‎07-05-2012

I have a asa 5525 and the license with IPS ,but i dont know How usede the IPS issue.anyone can tell me?

sawgupta · ‎07-09-2012

You would need to re-image IPS

http://www.cisco.com/en/US/docs/security/ips/7.1/configuration/guide/idm/idm_system_images.html#wpxref15759

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta

View solution in original post

sawgupta · ‎07-05-2012

Your question is not very clear. Are you unable to connect to IPS ?

From ASA, you can simply issue "session ips" to connect to IPS and configure.

Any specific problem that you are facing ?

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta

CSCO11209280 · ‎07-05-2012

yes unable to connect to IPS

how can i use the IPS

sawgupta · ‎07-05-2012

This guide should help you out:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/modules_ips.html

Let me know what is your exact requirement.

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta

CSCO11209280 · ‎07-05-2012

can't input “ session 1” in the ASA,

i don't know how active it

sawgupta · ‎07-05-2012

Please use "session ips". I updated my answer above.

http://www.cisco.com/en/US/docs/security/ips/7.1/installation/guide/hw_logging_in.html#wp1072132

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta

ckamath · ‎07-05-2012

Command is "session ips" and you can check the module state using "show module ips" command.

CSCO11209280 · ‎07-05-2012

when "session ips " it note:can't sent message to module

ckamath · ‎07-05-2012

You need license to be able to use IPS, can you please check if IPS module is enabled on your box.

Please issue "show module ips" command and check the License Status -

# show module ips

................

Mod License Name License Status Time Remaining
--- -------------- --------------- ---------------
ips IPS Module Enabled perpetual

............

CSCO11209280 · ‎07-05-2012

OK ,thank you for your help.

next monday,i will try again.

CSCO11209280 · ‎07-09-2012

sawgupta · ‎07-09-2012

You would need to re-image IPS

http://www.cisco.com/en/US/docs/security/ips/7.1/configuration/guide/idm/idm_system_images.html#wpxref15759

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta

CSCO11209280 · ‎07-12-2012

thank you very much

I re-image ips and "show module" and "session IPS"

ciscoasa# show module

Mod Card Type Model Serial No.

--- -------------------------------------------- ------------------ -----------

0 ASA 5525-X with SW, 8 GE Data, 1 GE Mgmt, AC ASA5525 FCH1623704D

ips ASA 5525-X IPS Security Services Processor ASA5525-IPS FCH1623704D

Mod MAC Address Range Hw Version Fw Version Sw Version

--- --------------------------------- ------------ ------------ ---------------

0 a493.4caa.50b3 to a493.4caa.50bc 1.0 2.1(9)8 8.6(1)

ips a493.4caa.50b1 to a493.4caa.50b1 N/A N/A 7.1(4)E4

Mod SSM Application Name Status SSM Application Version

--- ------------------------------ ---------------- --------------------------

ips IPS Up 7.1(4)E4

Mod Status Data Plane Status Compatibility

--- ------------------ --------------------- -------------

0 Up Sys Not Applicable

ips Up Up

Mod License Name License Status Time Remaining

--- -------------- --------------- ---------------

ips IPS Module Enabled perpetual

when loggin IPS display

***LICENSE NOTICE***

There is no license key installed on this IPS platform.

The system will continue to operate with the currently installed

signature set. A valid license must be obtained in order to apply

signature updates. Please go to http://www.cisco.com/go/license

to obtain a new license or install a license.

why no license!!

sawgupta · ‎07-12-2012

IPS will continue to work perfectly fine; however for Signature updates, you would require a license.

http://www.cisco.com/en/US/docs/security/asa/asa84/asdm64/configuration_guide/modules_ips.html#wp1104578

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta

anthonyakinboh25 · ‎07-18-2013

Hi guys please how do i install the Lincence of Cisco IPS trial- version on my ASA .