Cisco Cisco IPS 4255 Sensor
33
Release Notes for Cisco Intrusion Prevention System 7.0(1)E3
OL-18483-01
Recovering the Password
Recovering the AIP SSM Password
You can reset the password to the default (cisco) for the AIP SSM using the CLI or the ASDM. Resetting
the password causes it to reboot. IPS services are not available during a reboot.
the password causes it to reboot. IPS services are not available during a reboot.
Note
To reset the password, you must have ASA 7.2.2 or later.
Use the hw-module module slot_number password-reset command to reset the password to the default
cisco. If the module in the specified slot has an IPS version that does not support password recovery, the
following error message is displayed:
cisco. If the module in the specified slot has an IPS version that does not support password recovery, the
following error message is displayed:
ERROR: the module in slot <n> does not support password recovery.
Resetting the Password Using the CLI
To reset the password on the AIP SSM, follow these steps:
Step 1
Log into the adaptive security appliance and enter the following command to verify the module slot
number:
number:
asa# show module
Mod Card Type Model Serial No.
--- -------------------------------------------- ------------------ -----------
0 ASA 5510 Adaptive Security Appliance ASA5510 JMX1135L097
1 ASA 5500 Series Security Services Module-40 ASA-SSM-40 JAF1214AMRL
Mod MAC Address Range Hw Version Fw Version Sw Version
--- --------------------------------- ------------ ------------ ---------------
0 001b.d5e8.e0c8 to 001b.d5e8.e0cc 2.0 1.0(11)2 8.4(3)
1 001e.f737.205f to 001e.f737.205f 1.0 1.0(14)5 7.0(7)E4
Mod SSM Application Name Status SSM Application Version
--- ------------------------------ ---------------- --------------------------
1 IPS Up 7.0(7)E4
Mod Status Data Plane Status Compatibility
--- ------------------ --------------------- -------------
0 Up Sys Not Applicable
1 Up Up
Step 2
Reset the password for module 1.
asa# hw-module module 1 password-reset
Reset the password on module in slot 1? [confirm]
Step 3
Press Enter to confirm.
Password-Reset issued for slot 1.
Step 4
Verify the status of the module. Once the status reads Up, you can session to the AIP SSM.
asa# show module 1
Mod Card Type Model Serial No.
--- -------------------------------------------- ------------------ -----------
1 ASA 5500 Series Security Services Module-40 ASA-SSM-40 JAF1214AMRL
Mod MAC Address Range Hw Version Fw Version Sw Version
--- --------------------------------- ------------ ------------ ---------------
1 001e.f737.205f to 001e.f737.205f 1.0 1.0(14)5 7.0(7)E4
Mod SSM Application Name Status SSM Application Version