Cisco Systems and the ASA Services Module Manual De Usuario
30-9
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 30 Configuring the ASA CX Module
Configuring the ASA CX Module
Step 3
(ASA 5585-X; Optional) Configure the ASA CX module management IP address for initial SSH access.
See the
See the
.
Step 4
On the ASA CX module, configure basic settings. See the
Step 5
On the ASA CX module, configure the security policy using PRSM. See the
Step 6
(Optional) On the ASA, configure the authentication proxy port. See the
Step 7
On the ASA, identify traffic to divert to the ASA CX module. See the
.
Note
When using PRSM in multiple device mode, you can configure the ASA policy for sending
traffic to the ASA CX module within PRSM, instead of using ASDM or the ASA CLI. However,
PRSM has some limitations when configuring the ASA service policy; see the ASA CX user
guide for more information.
traffic to the ASA CX module within PRSM, instead of using ASDM or the ASA CLI. However,
PRSM has some limitations when configuring the ASA service policy; see the ASA CX user
guide for more information.
Connecting the ASA CX Management Interface
In addition to providing management access to the ASA CX module, the ASA CX management interface
needs access to an HTTP proxy server or a DNS server and the Internet for signature updates and more.
This section describes recommended network configurations. Your network may differ.
needs access to an HTTP proxy server or a DNS server and the Internet for signature updates and more.
This section describes recommended network configurations. Your network may differ.
ASA 5585-X (Hardware Module)
The ASA CX module includes a separate management and console interface from the ASA. For initial
setup, you can connect with SSH to the ASA CX Management 1/0 interface using the default IP address
(192.168.8.8/24). If you cannot use the default IP address, you can either use the console port or use
ASDM to change the management IP address so you can use SSH.
setup, you can connect with SSH to the ASA CX Management 1/0 interface using the default IP address
(192.168.8.8/24). If you cannot use the default IP address, you can either use the console port or use
ASDM to change the management IP address so you can use SSH.
ASA 5585-X
PWR
BOO
T
ALARM AC
T
VPN
PS1
HDD1
PS0
HDD0
USB
RESET
0
SFP1
SFP0
1
0
1
2
3
4
5
6
7
MGMT
0
1
AUX
CONSOLE
PWR
BOO
T
ALARM AC
T
VPN
PS1
HDD1
PS0
HDD0
USB
RESET
0
SFP1
SFP0
1
0
1
2
3
4
5
6
7
MGMT
0
1
AUX
CONSOLE
ASA Management 0/0
Default IP: 192.168.1.1
Default IP: 192.168.1.1
ASA CX Management 1/0
Default IP: 192.168.8.8
SSP
ASA CX SSP
334655