10-09-2014 07:27 AM - edited 03-11-2019 09:53 PM
Hi experts... pls help me in setting up IPS in ASA 5525. We are running ASA in HA mode. ASA has inbuilt IPS module. When i login in ASDM i dont see IPS option in configuration. I need to setup IPS and insall license on it. Pls help me in this.
ASA# dir flash:
Directory of disk0:/
11 drwx 4096 13:59:26 Apr 26 2014 log
22 drwx 4096 21:00:19 Aug 13 2014 crypto_archive
23 drwx 4096 14:00:02 Apr 26 2014 coredumpinfo
113 -rwx 38191104 14:02:40 Apr 26 2014 asa912-smp-k8.bin
114 -rwx 18097844 14:06:42 Apr 26 2014 asdm-713.bin
115 drwx 4096 15:40:46 Jun 12 2014 tmp
128 -rwx 45854720 17:04:38 Oct 09 2014 IPS-SSP_5525-K9-sys-1.1-a-7.1-6-E4.aip
116 -rwx 12998641 14:11:48 Apr 26 2014 csd_3.5.2008-k9.pkg
117 drwx 4096 14:11:48 Apr 26 2014 sdesktop
ASA# sh module | i ips
ips Unknown N/A
ips Unknown No Image Present Not Applicable
ips Unresponsive Not Applicable
ips IPS Module Disabled perpetual
10-09-2014 08:00 PM
Hi,
You would first need to activate the IPS module license on the ASA device. After that you would see the IPS enabled in the output.
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/modules_ips.html#pgfId-1104578
Then you can follow this guide to configure or setup the IPS module:-
http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/ips/ips_qsg.html
Let me know if you have any other queries.
Thanks and Regards,
Vibhor Amrodia
10-10-2014 04:29 AM
Thanks Vibhor for your help, pls guide me how to activate license to enable IPS.
pls share procedure.
10-10-2014 07:16 AM
Hi. I am going to execute below command to install and load the IPS module software but need to confirm that this command would not reload or erase configuration of ASA. pls confirm.
"sw-module module ips recover boot"
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide