Cisco Cisco ASA 5585-X with No Payload Encryption Manual Técnico

Note: For more information on initial Configuration of AIP−SSM, refer to Initial Configuration of the
AIP−SSM Sensor.

This document assumes that the audience has a basic understanding of how to configure Cisco ASA software
version 8.x and IPS software version 6.x.

Necessary configuration components for ASA 8.x include interfaces, access−lists, network address
translation (NAT), and routing.

• 

Necessary configuration components for AIP−SSM (IPS software 6.x) include network setup, allowed
hosts, interface configuration, signature definitions, and event action rules.

• 

The information in this document is based on these software and hardware versions:

ASA 5510 with software version 8.0.2

• 

AIP−SSM−10 with IPS software version 6.1.2

• 

Note: This configuration example is compatible with any Cisco ASA 5500 Series Firewall with OS 7.x and
later and the AIP−SSM module with IPS 5.x and later.

The information in this document was created from the devices in a specific lab environment. All of the
devices used in this document started with a cleared (default) configuration. If your network is live, make sure
that you understand the potential impact of any command.

Refer to Cisco Technical Tips Conventions for more information on document conventions.

In this section, you are presented with the information to configure the features described in this document.

Note: Use the Command Lookup Tool (registered customers only) in order to obtain more information on the
commands used in this section.

The IP addressing schemes used in this configuration are not legally routable on the Internet. They are RFC
1918 

 addresses which have been used in a lab environment.

This document uses this network setup: