I configured a Cisco Firepower IPS Module / Sourcefire IPS to run in my Cisco ASA 5515x. The IP address of the module is statically configured to be on the same /24 subnet as my management port Gi0/0, as well as the VMware ESXi host running the Firesight Manager Center (both on the same subnet).
From the Firepower Module (accessed through a CLI session on the Cisco ASA), I can ping the Gi0/0 gateway and all other hosts on my management VLAN, but I cannot reach outside. Since the IPS Module is essentially built into the Cisco ASA, there is no "source" interface to configure an ACL to allow the module to ping out.
I even tried: config t --> icmp permit host 172.XX.XX.3 outside (where .3 is my IPS Module running atop the Cisco ASA) just to see if I can get ping to reach outside. I tried to ping 4.2.2.2, no reply.
How do I allow an internally hosted IPS module within the Cisco ASA to be able to reach out to the internet?