Cisco ASA 5506-X Configuration Manual page 345
Cli
Hide thumbs
Also See for ASA 5506-X:
- Installation manual (46 pages) ,
- Hardware installation manual (26 pages) ,
- Quick start manual (14 pages)
Advertisement
Chapter 16
ASA FirePOWER (SFR) Module
ASA FirePOWER Management Access
There are two separate layers of access for managing an ASA FirePOWER module: initial configuration
(and subsequent troubleshooting) and policy management.
•
•
Initial Configuration
For initial configuration, you must use the CLI on the ASA FirePOWER module. For information on the
default management addresses, see
To access the CLI, you can use the following methods:
•
•
Policy Configuration and Management
After you perform initial configuration, configure the ASA FirePOWER security policy using
FireSIGHT Management Center (for all models) or ASDM (for 5506-X) . Then configure the ASA
policy for sending traffic to the ASA FirePOWER module using ASDM or Cisco Security Manager.
Initial Configuration, page 16-5
Policy Configuration and Management, page 16-5
ASA 5585-X (hardware module):
–
ASA FirePOWER console port—The console port on the module is a separate external console
port.
–
ASA FirePOWER Management 1/0 interface using SSH—You can connect to the default IP
address or you can use ASDM to change the management IP address and then connect using
SSH. The management interface on the module is a separate external Gigabit Ethernet interface.
You cannot access the ASA FirePOWER hardware module CLI over the ASA backplane
Note
using the session command.
All other models (software module):
ASA session over the backplane—If you have CLI access to the ASA, then you can session to
–
the module and access the module CLI.
ASA FirePOWER Management 0/0 interface using SSH (Management 1/1 for the
–
5506-X)
—You can connect to the default IP address or you can use ASDM to change the
management IP address and then connect using SSH. The ASA FirePOWER management
interface shares the management interface with the ASA. Separate MAC addresses and IP
addresses are supported for the ASA and ASA FirePOWER module. You must perform
configuration of the ASA FirePOWER IP address within the ASA FirePOWER operating
system (using the CLI or ASDM). However, physical characteristics (such as enabling the
interface) are configured on the ASA. You can remove the ASA interface configuration
(specifically the interface name) to dedicate this interface as an ASA FirePOWER-only
interface. This interface is management-only.
Defaults for ASA FirePOWER, page
Cisco ASA Series Firewall CLI Configuration Guide
The ASA FirePOWER Module
16-7.
16-5
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
