Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

18-16

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 18 Configuring the ASA 5500 AIP SSM

New and Modified Commands

• hw-module module slot_number recover [boot | stop | configure]—The recover command

displays a set of interactive options for setting or changing the recovery parameters. To change the

parameter or keep the existing setting, press Enter.

–

hw-module module slot_number recover boot—This command initiates recovery of the

ASA 5500 AIP SSM. It is applicable only when the module is in the Up state.

–

hw-module module slot_number recover stop—This command stops recovery of the

ASA 5500 AIP SSM. It is applicable only when the module is in the Recover state.

Caution If the ASA 5500 AIP SSM recovery needs to be stopped, you must issue the hw-module module 1

recover stop command within 30 to 45 seconds after starting the recovery. Waiting any longer can lead

to unexpected consequences. For example, the module may come up in the Unresponsive state.

–

hw-module module 1 recover configure—Use this command to configure parameters for the

ASA 5500 AIP SSM recovery. The essential parameters are the IP address and recovery image

TFTP URL location.

Example

aip-ssm# hardware-module module 1 recover configure

Image URL [tftp://10.89.146.1/IPS-SSM-K9-sys-1.1-a-7.1-1-E4.img]:

Port IP Address [10.89.149.226]:

VLAN ID [0]:

Gateway IP Address [10.89.149.254]:

For More Information

For the procedure for recovering the ASA 5500 AIP SSM system image, see Installing the System Image

for the ASA 5500 AIP SSM, page 22-28.

New and Modified Commands

This section describes the new and modified Cisco ASA commands that support the ASA 5500 AIP SSM

and are used to configure the ASA 5500 AIP SSM.

Note All other Cisco ASA CLI commands are documented in the Cisco Security Appliance Command

Reference on Cisco.com at

http://www.cisco.com/en/US/products/ps6120/prod_command_reference_list.html.

This section contains the following topic:

• allocate-ips, page 18-16

allocate-ips

To allocate an IPS virtual sensor to a security context if you have the ASA 5500 AIP SSM installed, use

the allocate-ips command in context configuration mode. To remove a virtual sensor from a context, use

the no form of this command.

allocate-ips sensor_name [mapped_name] [default]

no allocate-ips sensor_name [mapped_name] [default]

previous next