Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco IPS ASA SSM-10 Connectivity Issues

I am having trouble with connectivity and the IPS Module. The IPS management interface is plugged into a dell powerconnect switch using a straight cable and it shows a link. However I cannot ping the ip address i have assigned the management interface. Its almost like the interface is shutdown. Could this be the case? Can the management interfacee shutdown? If so how do I bring it up? If not what would be some troubleshooting techniques with the IPS Module?

4 REPLIES

Re: Cisco IPS ASA SSM-10 Connectivity Issues

First of all issue the command:

"show module 1 details"

To check if your module is in UP state.

If it is not UP, have a look at:

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00808908d5.shtml

Also check if the port is UP/UP on the switch.

Please also note that in order for the IPS IP to be pingable. the SOURCE pinging should be Permitted in the access-list of the IPS (which can be done using the 'setup' command or under service host). A better approach would be to ping the machine from the IPS itself, as this is not dependent on the Access List on the IPS.

Regards

Farrukh

New Member

Re: Cisco IPS ASA SSM-10 Connectivity Issues

I issued the show module 1 details command and everything shows up. I looked at the switch and everything is in the up state. I have tried pinging from the IPS to nodes on the same leg but nothing is going through. Im looking through the link you provided now and hope to find something. Any ther suggestions?

Re: Cisco IPS ASA SSM-10 Connectivity Issues

Check the 'show interface' command on the IPS (I hope it is available on the AIP-SSM).

Check the machine you are pinging, if it has an ARP entry for the IPS module's Management IP, 'arp -a' if its Windows.

Try changing the switch port (Or get a Cisco Switch :) )

Perhaps you can try to re-initialize the AIP-SSM using the 'setup' command.

Also if possible post the 'show interface' and 'show config' output of the module on the forum.

Regards

Farrukh

New Member

Re: Cisco IPS ASA SSM-10 Connectivity Issues

Hi,

If u r not able to ping the IPS from ur machine , then u directly connect ur machine to the IPS command&control interface. Then U should ping and after that U can access the IPS , but JAVA must be installed on ur machine to access the IPS.Also u must see the IPS config -- Mainly acess-list on the IPS. U can see as folows--

ASA#session 1

enter pass --

IPS#sh config

And from here u can see the access-list entries.

626
Views
0
Helpful
4
Replies