IPS SoftModule on 5545 need license ?

utkanvural · ‎05-27-2014

Hello,

I have ASA with IPS module.

License Status: No Licence

Well, I wanna analyze all interface on ASA but I just see 1 port (port-channel0/0) on IDM.

IDM screenshot at attachment

Why ? Could anyone comment this situation ?

Regards,

jason.loera · ‎05-27-2014

You cannot monitor ASA interfaces using IDM. You need ASDM. ASDM has a tab for IPS', too. You'll be able to monitor your entire unit with it.

Also, if you have multiple virtual sensors with a software IPS or an IPS SSM, they'll all be grouped under PortChannel0/0. It's the only available physical interface.

utkanvural · ‎05-28-2014

Hi Jason,

Yes as you mention I have also ASDM and tab for IPS but I can not see other interface too on tab for IPS

ASDM screenshot at attachment

utkanvural · ‎05-28-2014

I can not monitor both inside and outside of a firewall or NAT device. Because IPS's interface status null! just there is port-channel and management ports others like gigabit0/3-gigabit/04 no there is why?

jason.loera · ‎05-28-2014

That's correct. In any IPS management software, ASDM or IDM, you can only view the IPS interfaces. If you want to monitor the firewall interfaces, you have to do it in the "Device" tab of ASDM. Although embedded in the ASA, the IPS acts as a separate entity altogether. Physically, it's part of the ASA chassis, logically it is its own separate device.

utkanvural · ‎05-28-2014

sorry I dont understand what do I have to do ?

Ok I am at device tab of ASDM then ? Screenshot attached

jason.loera · ‎05-28-2014

Do you have a software, hardware module, or IPS appliance?

utkanvural · ‎05-28-2014

I have a software IPS on Asa 5545