Blog Archives

Cisco ASA 5500x IPS Management IP Configuration

The ASA 5500x series (other than the 5585x) uses the management 0/0 port on the ASA itself as the port it uses to communicate with the network.

You have to have the management port up in order to reach the IPS sensor management IP, but you don’t necessarily have to have an IP address on the ASA m0/0 port itself.

For example, this configuration works fine:

ASA Management Interface

interface Management0/0
 nameif management
 security-level 100
 no ip address

IPS Management Interface

service host
network-settings
host-ip 172.16.0.251/24,172.16.0.1

Just something to maybe save someone a few minutes…

Advertisements

Cisco ASA IPS Sensor Upgrade Time

For those impatient people among us (me included) …just a note in case anyone is searching for this…it appears that it takes roughly 10 minutes for an IPS sensor in an ASA 5525x to upgrade.

I must’ve killed it two or three times after 5 minutes or so thinking there was a problem…there wasn’t. Awesome.