Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

connecting to IPS with ASDM

I am doing ASA5510 with IPS, initial setup. I can access ASA from ASDM. But when I click the IPS tab in ASDM, it will retrieve the management IP of the IPS, but finally says "unable to connect".

I tried even chaning management IP using CLI, still no luck.

Any ideas ?

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: connecting to IPS with ASDM

Hi,

Is the management interface of SSM connected to your local lan.At the back of asa,where aip-ssm is plugged in,you would see a management interface.This management interface should have a cable running to your local lan switch or router.There has to be a connectivity from local lan to the management interface so that aip-ssm info. could be retrieved.

Please rate if helps. :)

Regards,

Sushil

Gold

Re: connecting to IPS with ASDM

In addition to connecting the AIP-SSM to your LAN, as Sushil suggested, you will need to assign an IP address, netmask, gateway and place your management host's IP address into the AIP-SSM's allowed hosts list. You can do all this by connecting to the AIP-SSM via the ASA using the "session 1" command, loging in (cisco/cisco by default) and running "setup".

6 REPLIES
Cisco Employee

Re: connecting to IPS with ASDM

Hi,

Is the management interface of SSM connected to your local lan.At the back of asa,where aip-ssm is plugged in,you would see a management interface.This management interface should have a cable running to your local lan switch or router.There has to be a connectivity from local lan to the management interface so that aip-ssm info. could be retrieved.

Please rate if helps. :)

Regards,

Sushil

Gold

Re: connecting to IPS with ASDM

In addition to connecting the AIP-SSM to your LAN, as Sushil suggested, you will need to assign an IP address, netmask, gateway and place your management host's IP address into the AIP-SSM's allowed hosts list. You can do all this by connecting to the AIP-SSM via the ASA using the "session 1" command, loging in (cisco/cisco by default) and running "setup".

New Member

Re: connecting to IPS with ASDM

Thanks for both answers! I was able to connect though management iontarface, connected to the LAN. I wonder is there any way that I can connect to AIP-SSM internally ( ie using the ASDM conneciton alone) , without actually using the management interface.

Cisco Employee

Re: connecting to IPS with ASDM

That would not be possible.ASDM open on ur w/station connects to ips through the management interface of ssm.You can treat this as a separate connection initiated by asdm s/w to the ip address of ssm from the w/station.

Regards,

Sushil

New Member

Re: connecting to IPS with ASDM

Is it necessary to access the management interface from ASDM via the same network. Or can it be a different network as well.

In my case, the pings from other network are going through but the telnet to port 443 is not responding. It is however responding from the same network as management interface. Is there a restriction like this ?

Thanks.

Gold

Re: connecting to IPS with ASDM

The ASA management interface can be on a different network from the AIP-SSM Management network address.

Check the allowed hosts on your IPS module, you might be denying access to the network/host that can't https to your sensor.

562
Views
0
Helpful
6
Replies
CreatePlease to create content