Re: Cisco 5585-X Firepower IPS only mode configuration

Rizwan · ‎11-08-2017

Hi,

I have Cisco 5585-X firewall with IPS hardware module and Firepower management center 6.1.

I want to configure it as inline IPS only mode with some other firewall. Please send me some document to configure 5585-X as IPS only mode. Thanks

Regards,

Rizwan

mikael.lahtela · ‎11-08-2017

Hi,

Just to verify are you running Firepower Image on the 5585 and it's connected to FMC?
If everything is up and running you can find more specific information about IPS configuration here:
https://www.cisco.com/c/en/us/td/docs/security/firepower/621/configuration/guide/fpmc-config-guide-v621/overview_of_network_analysis_and_intrusion_policies.html

br, Micke

Rizwan · ‎11-11-2017

Hi,

Yes its connected with FMC we want to use it as inline transparent IPS mode.

Regards,

Rizwan

Marvin Rhoads · ‎11-12-2017

Fro the IPS to work in inline transparent mode, the 5585-X must also be in transparent (i.e. not routed) mode. If that is the case, then the Firepower service module acts according to the mode of the firewall.

It is only with classic Firepower appliances or the newer FTD style appliance (not available on 5585-X) that we have the choice of configuring interface modes independently in Firepower Management Center.

Rizwan · ‎11-13-2017

I have 5585-X ssp-10 appliance can I configure it IPS only mode.

Please send me some document with configuration.

Marvin Rhoads · ‎11-13-2017

Please share output of "show firewall" (taken from the ASA 5585-X command line while in enable mode).

Marvin Rhoads · ‎11-10-2017

Does it have the Firepower SSP or IPS SSP? Only the former one can be managed by Firepower Management Center.