Cisco Cisco ASA 5512-X Adaptive Security Appliance - No Payload Encryption Guida All'Installazione
4
If you have an inside router
If you have an inside router, you can route between the management network, which can include both
the ASA Management 0/0 and IPS Management 1/0 interfaces, and the ASA inside network. Be sure
to also add a route on the ASA to reach the Management network through the inside router.
the ASA Management 0/0 and IPS Management 1/0 interfaces, and the ASA inside network. Be sure
to also add a route on the ASA to reach the Management network through the inside router.
If you do not have an inside router
If you have only one inside network, then you cannot also have a separate management network,
which would require an inside router to route between the networks. In this case, you can manage the
ASA from the inside interface instead of the Management 0/0 interface. Because the IPS module is a
separate device from the ASA, you can configure the IPS Management 1/0 address to be on the same
network as the inside interface.
which would require an inside router to route between the networks. In this case, you can manage the
ASA from the inside interface instead of the Management 0/0 interface. Because the IPS module is a
separate device from the ASA, you can configure the IPS Management 1/0 address to be on the same
network as the inside interface.
ASA Management 0/0
Internet
Management PC
Proxy or DNS Server (for example)
Router
ASA
IPS Management 1/0
Outside
IPS
Management
Inside
IPS Default
Gateway
ASA gateway for Management
334658
Internet
Layer 2
Switch
ASA
Inside
IPS Management 1/0
ASA Management 0/0 not used
Outside
IPS
IPS Default Gateway
Management PC
Proxy or DNS Server
(for example)
334660