Cisco Cisco IPS 4520 Sensor Weißbuch

45

Intrusion Prevention

August 2012 Series

45

Step 3:  

Verify you have the correct IPS image on the Cisco ASA firewall 

disk0:

.

IE-ASA5545X# dir

Directory of disk0:/

113    -rwx  34523136     16:55:06 Apr 19 2012  asa861-smp-k8.

bin

114    -rwx  42637312     16:57:00 Apr 19 2012  IPS-SSP_5545-

K9-sys-1.1-a-7.1-4-E4.aip

115    -rwx  17851400     16:57:32 Apr 19 2012  asdm-66114.bin

123    -rwx  34523136     13:40:30 May 22 2012  asa861-1-

smp-k8.bin

Step 4:  

Configure the IPS module to load the software on 

disk0:

 and then 

boot with that software.

IE-ASA5545X# sw-module module ips recover configure image 

disk0:/IPS-SSP_5545-K9-sys-1.1-a-7.1-4-E4.aip

IE-ASA5545X# sw-module module ips recover boot

Module ips will be recovered. This may erase all configuration 

and all data on that device and attempt to download/install a 

new image for it. This may take several minutes.

Recover module ips? [confirm]

Recover issued for module ips.

Step 5:  

After a few minutes, run the following command, and then verify that 

the module status is Up.

Show module ips detail

Procedure 3 

Complete the initial setup

The initial setup will involve configuring each IPS device (module or appli-
ance with the initial networking information to allow the use of the GUI to 
complete the configuration.

Device Type

Software module

Appliance

Hostname

IPS-5545a&b

IDS-4300

IP Address

10.4.24.27&.28

10.4.32.171

Network Mask

255.255.255.224

255.255.255.192

Default Gateway

10.4.24.1

10.4.32.129

Location

Internet Edge distribution 
switch

WAN aggregation 
distribution switch

Step 1:  

If you are using the Cisco ASA 5545-X, log into the ASA appliance, 

and then access the IPS module by issuing the following command.

ASA5545# session ips

Opening command session with module ips.

Connected to module ips. Escape character sequence is ‘CTRL-

^X’.

If you are using a Cisco IPS 4x00 Series appliance, open a CLI session on 
the sensor’s console port.