Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
808
Views
0
Helpful
6
Replies

ASDM and AIP-SSM

jkeddington_2
Level 1
Level 1

‎05-02-2007 07:57 AM - edited ‎03-09-2019 05:54 PM

I have upgraded the AIP to version 6.0 and I should be able to now launch the IPS module in ASDM, but instead I get an error - unable to connect too sensor. I can access the sensor just fine from IE.

Labels:
0 Helpful
6 Replies 6

acomiskey
Level 10
Level 10

‎05-02-2007 09:19 AM

Are you trying the correct ip address? Does the ASA have a route to this ip?

0 Helpful

jkeddington_2
Level 1
Level 1
In response to acomiskey

‎05-02-2007 09:44 AM

More info: The person sitting next too me has not issues. From ASDM he can launch IPS inside ASDM, so I know it does work. Yes I the correct IP address is being displayed in ASDM. No there is not a route in the ASA because the IP address of the AIP-SSM is in the same subnet as the inside interface of the ASA. Yes I do have a cable connecting the AIP-SSM management port to an internal switch.

0 Helpful

acomiskey
Level 10
Level 10
In response to jkeddington_2

‎05-02-2007 09:53 AM

Is the ASA an "allowed host"?

service host

network settings

access-list /32

0 Helpful

jkeddington_2
Level 1
Level 1
In response to acomiskey

‎05-02-2007 09:59 AM

Great question. Actually I have it open for the entire class B network range. Someone sitting right next too me can get it too work but I can't.

0 Helpful

acomiskey
Level 10
Level 10
In response to jkeddington_2

‎05-02-2007 10:10 AM

The guy next to you has no problem connecting through ASDM to the same ASA you are trying or a completely different ASA?

edit: Also is ssl enabled on the sensor?

service web-server

enable-tls

port 443

0 Helpful

jkeddington_2
Level 1
Level 1
In response to acomiskey

‎05-02-2007 10:38 AM

Yes it is. Just to make things a little easier here is my config for the AIP-SSM:

! ------------------------------

! Current configuration last modified Wed May 02 12:35:15 2007

! ------------------------------

! Version 6.0(1)

! Host:

! Realm Keys key1.0

! Signature Definition:

! Signature Update S274.0 2007-03-01

! Virus Update V1.2 2005-11-24

! ------------------------------

service interface

exit

! ------------------------------

service authentication

exit

! ------------------------------

service event-action-rules rules0

overrides deny-packet-inline

override-item-status Enabled

risk-rating-range 90-100

exit

exit

! ------------------------------

service host

network-settings

host-ip x.x.18.253/27,x.x.18.225

host-name sensor

telnet-option disabled

access-list x.x.0.0/16

exit

time-zone-settings

offset -420

standard-time-zone-name GMT-07:00

exit

summertime-option recurring

offset 60

summertime-zone-name GMT-07:00

start-summertime

month march

week-of-month second

day-of-week sunday

time-of-day 02:00:00

exit

end-summertime

month november

week-of-month first

day-of-week sunday

time-of-day 02:00:00

exit

exit

exit

! ------------------------------

service logger

exit

! ------------------------------

service network-access

exit

! ------------------------------

service notification

exit

! ------------------------------

service signature-definition sig0

exit

! ------------------------------

service ssh-known-hosts

exit

! ------------------------------

service trusted-certificates

exit

! ------------------------------

service web-server

enable-tls true

port 443

exit

! ------------------------------

service anomaly-detection ad0

exit

! ------------------------------

service external-product-interface

exit

! ------------------------------

service analysis-engine

virtual-sensor vs0

physical-interface GigabitEthernet0/1

0 Helpful
Customers Also Viewed These Support Documents