I have installed ASA CX boot image and Software image on my ASA 5515-X. Now having 3 issues :
1 ) I used :
asa# session cxsc console
to login to CX. But how come I will get back to my ASA console back..?
2) I have subinterface (w.r.t VLANs on 0/1 followed with unmanaged network) and WAN link which was working fine, when I installed CX image I lost my internal network as well as Internet too. Why is it so..?
3) And is there any step by step guide to configure Web-Filter & IPS on ASA-CX.....
Once you have access via PRSM, you can build and setup policies as described in the User Guide (specifically see the section of "The Basics, Managing Policy")
(properly) Installing the CX module software should not, by itself, affect in any way your base ASA operations or traffic flow. It's only when you redirect traffic (via a service policy) that you have the potential to affect traffic flow.
It sounds like you are logging into the CX management IP address and not the ASA management IP address. Perhaps you assigned it the same address as your ASA originally had? When you log into the CX cli directly, you cannot change into the ASA cli from it.
Note in the document I linked above that it directs you to assign a unique address to the CX management interface. It shares the physical M0/0 interface of the ASA.
The ASA itself does not necessarily have an address assigned to M0/0 (as it can be managed from any permitted interface address) but, if it does, it must be different than the one used by the CX module.
I have never seen this behavior. I can only imagine some error during the CX module installation that overwrote your ASA configuration.
Since the ASA is no longer functioning correctly, I suggest your reboot while connected to the console and watch to see what image is being loaded. You may need to break in rommon and re-establish the ASA software as the primary booted image.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...