Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
348
Views
0
Helpful
1
Replies

AIP-SSM update issue

mulugojjam abebe
Level 1
Level 1

‎10-26-2011 01:11 AM - edited ‎03-11-2019 02:42 PM

Hi all,

I have two ASA5540 firewalls working in active/standby failover. Both have AIP-SSM-40 modules. I have configured the update source for the signatures from cisco .com with my smartnet. The problem is the SSM only on the active firewall is updating regularly.I want to check if there is configuration problem and i changed the standby firewall to be active then it started to update and the other SSM module stopped updating. Is updating on SSM only works for the active device?

Thank you

Mulu

Labels:
0 Helpful
1 Reply 1

Maykol Rojas
Cisco Employee
Cisco Employee

‎10-28-2011 12:23 AM

No, I dont think there is anything wrong with the device, but is more like how it works. The Standby ASA Module should have the primary ASA IP as gateway in order to go and do the auto update. Remember that the standby ASA cannot pass traffic across it. So if you put the default gateway on the standby SSM module as the default gateway, it is not going to work.

Now, the other point (and I think this is the issue) would be routing, if you connect to the standby ssm module via CLI, can you ping the something on the internet? You need to make sure that the AIP have a path to reach the cloud.

Mike.

Mike
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card