cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1457
Views
0
Helpful
13
Replies
Beginner

ASA 5510 - SSM 10

Hi,

I have an SSM module in an ASA 5510, when I try and change the host IP the SSH session to the ASA freezes and returns with a timeout error. After issuing the show module 1 details command the configuration remains the same.

I am using the session 1 do ip address command and I have also tried the session 1 ip address command.

Can anyone help?

Thanks,

Ash

Everyone's tags (6)
13 REPLIES 13
Highlighted
Cisco Employee

Re: ASA 5510 - SSM 10

Please just session into the module, and configure the new ip address after you are in the SSM module session.

As per the following doc, you are not supposed to configure/use: session 1 do ip address, or session 1 ip address unless advised by TAC:

http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/s1.html#wp1447034

Highlighted
Beginner

Re: ASA 5510 - SSM 10

Okay, thanks.

How is this configured? There weren't too many options available when I used ?

Highlighted
Cisco Employee

Re: ASA 5510 - SSM 10

"session 1" to session into the IPS module, and you will be prompted for username and password of the IPS module.

Once you authenticate, you will be in the IPS configuration CLI, and you can change the IP Address.

Highlighted
Beginner

Re: ASA 5510 - SSM 10

What are the commands?

Highlighted
Cisco Employee

Re: ASA 5510 - SSM 10

Run the "setup" command, and it will run you through the ip address change.

The syntax should be "ipaddress/mask,default gateway"

Highlighted
Beginner

Re: ASA 5510 - SSM 10

setup command does not work. Comes back with invalid input detected.

Highlighted
Cisco Employee

Re: ASA 5510 - SSM 10

Are you session into the module yet?

Can you please copy and paste your SSH output.

Highlighted
Beginner

Re: ASA 5510 - SSM 10

Yeah, this occurred whilst on the SSM. Output below:

ntsdemo-fw1# session 1

Opening command session with slot 1.

Connected to slot 1. Escape character sequence is 'CTRL-^X'.

Welcome to NTS Login Page!

login: admin

Password:

Last login: Tue May 22 13:13:41 from 127.0.1.1

***NOTICE***

This product contains cryptographic features and is subject to United States

and local country laws governing import, export, transfer and use. Delivery

of Cisco cryptographic products does not imply third-party authority to import,

export, distribute or use encryption. Importers, exporters, distributors and

users are responsible for compliance with U.S. and local country laws. By using

this product you agree to comply with applicable laws and regulations. If you

are unable to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

export@cisco.com.

***LICENSE NOTICE***

There is no license key installed on the system.

The system will continue to operate with the currently installed

signature set.  A valid license must be obtained in order to apply

signature updates.  Please go to http://www.cisco.com/go/license

to obtain a new license or install a license.

NTS-IPS-Sensor# setup

                ^

% Invalid input detected at '^' marker

Highlighted
Cisco Employee

Re: ASA 5510 - SSM 10

Strange,....

Try the following:

config t

service host

network-settings

host-ip /,

Highlighted
Beginner

Re: ASA 5510 - SSM 10

When I enter that I get the following:

NTS-IPS-Sensor# conf t

NTS-IPS-Sensor(config)# service host

NTS-IPS-Sensor(config-hos)# ?

exit     Exit service configuration mode.

show     Display system settings and/or history information.

NTS-IPS-Sensor(config-hos)# network-settings

                            ^

% Invalid input detected at '^' marker

Highlighted
Cisco Employee

Re: ASA 5510 - SSM 10

Are you logging into the IPS with full admin privileges? looks like you only have read-only access to the IPS, hence can't make any changes.

Highlighted
Beginner

Re: ASA 5510 - SSM 10

I gues not. Is there any way of wiping the config as I don't know the admin username and password?

Highlighted
Cisco Employee

Re: ASA 5510 - SSM 10