cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
501
Views
0
Helpful
1
Replies

Sourcefire IPS with ASA5515-X - A few questions

SAM MUNZANI
Level 1
Level 1

Hi,

I am implementing sourcefire IPS for the 1st time in life and have a few basic questions that I couldn't find answers in the documentation.

1. I was able uninstall IPS module and load boot image for SFR and console to the sfr module. Now the setup is saying to assign it an IP. Which subnet the IP would be from? How does sfr module communicate to management station? Through inside interface or Management0/0 interface? Can I assign an IP for the sfr from inside interface?

2. The document is saying the process to download system image is through http://URL. I don't have an http server handy so can I use ftp protocol or any other protocol to download the system image?

3. If sfr module uses management interface, do I do static routes to route management stations IP through management interface? To my knowledge ASA doesn't do VRFs and keep a separate routing table for the management interface.

Thanks in advance,

1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

1. The sfr module uses M0/0 for management. It needs its own unique IP address assigned. It can be on the same subnet as the inside interface of the ASA if the interfaces go into the same downstream VLAN. The ASA config has to have "no nameif" on that interface.

2. Yes you can use ftp (or tftp or scp also I believe).

3. The sfr module has its own definition of a default gateway and routes all its external communication via that (and out the physical ASA M0/0 interface). That's completely distinct from the ASA's routing table.

Review Cisco Networking for a $25 gift card