cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1333
Views
0
Helpful
8
Replies

AIP-SSM10 Management

Cesar_Cepeda
Level 1
Level 1

HI,

I have an ASA 5520 with AIP-SSM10, I have configure AIP module with setup, but I dont have access through the ASDM to IPS, I only have access through cli session 1 comand.

How can I acces the module through the ASDM.

8 Replies 8

rhermes
Level 7
Level 7

Cesar -

You can't manage the SSM modules via the ASDM.

The SSM-10 modules are a stand alone IPS device and have their own GUI called IDSM. Give the module a physical network connection (the jack on the card is for management), fire up your web browser and point it at the management IP address you configured on the SSM when you ran "setup".

OK, I have tried to connect the AIP-SSM10 configuration interface through the management port but I cant. I can ping from the module to the PC but from PC to the module cant connect.

Some suggestion.

Get on the sensor console of the SSM-10 and add the IP address of your PC into the "allowed hosts" on the SSM-10.

Running "setup" might be the easy way to do this.

Thanks that had done, but now I have a question about how should be the ips address of ASA and the AIP-SSM10.

I have configured the IP of AIP-SSM10 whit an IP in same network that inside conect those two ports to a switch, in that switch I connected my PC in the inside network and can management the AIP-SSM10 from ASDM, this config is correct???? or what should be the ip address schemme

It sounds like you have the AIP-SSM connected and addressed properly. I would make your command and control network at least a /29 so that you have enough IP addresses for your AIP-SSM, the ASA and your PC.

If you have everything set up properly, you should be able to ping and https: to your AIP-SSM

That is not true. You CAN manage the ssm module through the ASDM.

You are correct. IDM, CLI, or ASDM can all be used to manage the AIP-SSM.

jim.sellers
Level 1
Level 1

one thing to make sure you do is set the IPS ACL or you wont be able to connect to it.

Review Cisco Networking for a $25 gift card