cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
617
Views
0
Helpful
2
Replies

ASA with AIP-SSM-20 Module Problem

uzair.infotech
Level 1
Level 1

Hi, 

I have ASA5520 with AIP-SSM-20 module using to protect my department. My outside interface is connected to my company IT network. I need auto update for IPS signature. My IT department provide me a Ip on which internet access is open is 172.16.21.129 from outside subnet with proxy Ip 172.16.1.20. I need to configure this Ip on my ASA so my IPS can download signature automatically.

My question is where I put these Ip and proxy address on my ASA.Should I configure it on my IPS mgmt interface and connected that interface on same van of my outside interface?  Please help.

Regards, 

Uzair Hussain

2 Replies 2

uzair.infotech
Level 1
Level 1

My inside interface 172.19.x. x 

Outside interface 172.16.x. x

Dmz interface 172.17.x. x 

The IPS-module communicates with the dedicated SSM-management-port with the outer world. You can either:

  • connect the SSM-port to your outside network and provide an authorized outside IP-config.
  • connect the SSM-port to your internal network with an internal IP and translate this IP to the authorized IP on the outside.

I would prefer the second option.

Review Cisco Networking for a $25 gift card