Cisco ASA 5505 User Manual

Page 1232

58-12

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 58 Configuring the ASA IPS Module

Configuring the ASA IPS module

Restrictions

Do not configure NAT for the management address if you intend to access it using ASDM. For initial
setup with ASDM, you need to access the real address. After initial setup (where you set the password
on the ASA IPS module), you can configure NAT and supply ASDM with the translated address for
accessing the ASA IPS module.

Detailed Steps

Command

Purpose

Step 1

interface vlan

number

Example:

hostname(config)# interface vlan 1

Specifies the current management VLAN for which you want to
disable IPS management. By default, this is VLAN 1.

Step 2

no allow-ssc-mgmt

Example:

hostname(config-if)# no allow-ssc-mgmt

Disables IPS management for the old VLAN so that you can
enable it for a different VLAN.

Step 3

interface vlan

number

Example:

hostname(config)# interface vlan 20

Specifies the VLAN you want to use as the new IPS management
VLAN.

Step 4

allow-ssc-mgmt

Example:

hostname(config-if)# allow-ssc-mgmt

Sets this interface as the IPS management interface.

This manual is related to the following products:

ASA 5585-X ASA 5555-X ASA 5545-X ASA 5525-X ASA 5515-X ASA 5512-X ASA 5580 ASA 5550 ASA 5540 ASA 5520 ASA 5510 ASA 5500 Series