Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
749
Views
0
Helpful
1
Replies

IPS setup question

Colin Higgins
Level 2
Level 2

‎10-02-2013 06:37 AM - edited ‎03-10-2019 06:03 AM

I have a ASA 5545X with the internal IPS module

The IP address of the IPS module is one the management network (management interface) (192.168.108.x), and during setup of the IPS, I specify the default gateway as either the management interface of the ASA or the IP of the downstream switch.

The IPS module will have to communicate with the Internet for updates, and I will hvtbe to remotely manage it

so here is my question:

When the IPS module attempts to contact hosts on the Internet, wht path does it follow? Does it go out the magaement interface, through the downstream swtich, and then to the inside interface of the ASA, and out to the web?

If so, do I need to modify the ACL on the inside interface to allow the IPS module out? What ports will need to be open? 443? 80?

Then, if I try to contact this IPS module, and the management interface is set to "management-only", how do I get in? (I assume this limits access to the management network 192.168.108.x)

Any advice would be great

Labels:
0 Helpful
1 Reply 1

Luis Silva Benavides
Cisco Employee
Cisco Employee

‎10-02-2013 11:48 AM

Hi Colin,

This DOCs covers your questions:

http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_tech_note09186a0080bd5d03.shtml

http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_tech_note09186a0080bd5d00.shtml

HTH

Luis Silva

"If you need PDI (Planning, Design, Implement) assistance feel free to reach us"

http://www.cisco.com/web/partners/tools/pdihd.html

Luis Silva
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card