Cisco ASA 5505 Configuration Manual page 1131

Asa 5500 series

Hide thumbs Also See for ASA 5505:

Getting started manual (168 pages)

Administrator's manual (118 pages)

Hardware installation manual (82 pages)

Table of Contents

Managing SSMs and SSCs

Using SSH or Telnet

You can access the module CLI directly using SSH or Telnet to the module management interface.

(Telnet access requires additional configuration in the SSM/SSC application). See the

section on page 53-2

Other Uses for the Module Management Interface

The module management interface can be used for sending syslog messages or allowing updates for the

module application, such as signature database updates on the AIP SSM or SSC.

Routing Considerations for Accessing the Management Interface

To make sure ASDM can manage the SSC, be sure that the adaptive security appliance can access the

module management interface address.

For the SSC, be sure to configure an IP address for the adaptive security appliance VLAN that you are

also using for the SSC management interface, and assign that VLAN to a switch port so the SSC interface

is physically connected to the network. The SSC management interface will then be on a

directly-connected network for the adaptive security appliance, so ASDM can access the management

interface without any additional routing configuration.

For the SSM, the external management interface is not considered to be an adaptive security appliance

interface, so it is not automatically on a directly-connected network. Depending on how you cable your

network, the SSM external interface can be on the same network as an adaptive security appliance

interface (through a switch), or you can put it on a different network (through a router).

Guidelines and Limitations

Context Mode Guidelines

See the chapter for each SSM or SSC application for context mode guidelines.

Firewall Mode Guidelines

See the chapter for each SSM or SSC application for firewall mode guidelines.

Failover Guidelines

For the SSC, make sure you configure the management IP addresses on both units to be on the same

subnet and VLAN.

Model Guidelines

For model support for the SSC and SSMs, see the

Additional Guidelines

You cannot change the software type installed on the SSM/SSC; if you purchase an AIP SSM, you cannot

later install CSC software on it.

You cannot set up the SSC in ASDM if you use an IP address that goes through NAT.

for more information about the management interface.

Cisco ASA 5500 Series Configuration Guide using ASDM

"Module Support" section on page

Guidelines and Limitations

"Using ASDM"

Show Quick Links

Chapters

Table of Contents

Asa 5510 Asa 5540 Asa 5520 Asa 5550 Asa 5580

Cisco ASA 5505 Configuration Manual page 1131

Hide quick links:

Chapters

Related Manuals for Cisco ASA 5505

Related Products for Cisco ASA 5505

This manual is also suitable for:

Table of Contents