Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1088
Views
0
Helpful
1
Replies

ASA-SSM-20 on active failover configuration

Go to solution
kutukutu9
Level 1
Level 1

‎03-10-2009 06:37 AM - edited ‎03-10-2019 04:32 AM

Can you synchronize the configuration data between two IPS systems?

I have two ASA-SSM-20 (6.1.1 E3) one in each of my ASA's. The ASA's are in active failover. When configuring on IPS module I always have to also make those same changes in the stand-by unit. Is there a way to sync these two IPS's up so when one is configured the other is updated?

Many thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marcabal
Cisco Employee
Cisco Employee

‎03-10-2009 07:01 AM

Unlike the ASA there is not an automatic feature to keep the configuration in sync across the 2 SSMs.

Some options:

You can use the copy command to copy the configuration from one sensor to an ftp/scp server.

Then use the copy command on the second sensor to copy the configuration onto the second sensor. During the copy it will ask whether or not to change the sensor's IP to what is in the configuration file. You will need to tell it to NOT change the sensor's IP, otherwise you would wind up with 2 SSMs with the same IP and have trouble connecting to them.

Another option is to use CSM. CSM has configuration that applies to single sensors, but also has group configuration that can be applied across multiple sensors.

If you used the group configuration, then you could make a single change at the group configuration and apply it across all sensors in the group (you would place your 2 SSMs into the same group).

View solution in original post

0 Helpful
1 Reply 1

Go to solution
marcabal
Cisco Employee
Cisco Employee

‎03-10-2009 07:01 AM

Unlike the ASA there is not an automatic feature to keep the configuration in sync across the 2 SSMs.

Some options:

You can use the copy command to copy the configuration from one sensor to an ftp/scp server.

Then use the copy command on the second sensor to copy the configuration onto the second sensor. During the copy it will ask whether or not to change the sensor's IP to what is in the configuration file. You will need to tell it to NOT change the sensor's IP, otherwise you would wind up with 2 SSMs with the same IP and have trouble connecting to them.

Another option is to use CSM. CSM has configuration that applies to single sensors, but also has group configuration that can be applied across multiple sensors.

If you used the group configuration, then you could make a single change at the group configuration and apply it across all sensors in the group (you would place your 2 SSMs into the same group).

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card