I recently inherited the maintenance of a couple ASA-SSM-20 platforms on our network. I've never done anything with these before, so please bear with me if I don't know what I'm talking about.
Anyway, they are both supposed to send their events to a CS-MARS machine, but I noticed that only one was generating anything. After logging into the IPS Manager Express, both of the IPS's show up and they both show packets being received and transmitted from both NICs.
So I decided to login via SSH on both of them to compare. NIC1 is supposed to be the sensor interface on both of them, so I tried to see if they were both capturing packets by doing "packet display <interface> count 5". Well, the IPS that is sending events showed 5 packets immediately, while the other one did not.
Also, doing a "show events" on both of them results in a similar occurrence. One displays some events, while the other doesn't.
So I would expect to be able to capture packets if both interfaces show they are receiving and transmitting packets on both machines (the packet count continuously increases). Am I missing something obvious? I've been trying to fix this for a while and I think my brain is frying! Thanks in advance for any suggestions!
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...