Assign the virtual sensor in the MODE SINGLE ASA5510-AIP10SP-K9

Hello

I install asa 2 ASA5510-AIP10SP-K9 in standby mode active failover. I know how to assign virtual devices to the contexts of the ASA in multiple mode (active/active failover). But I want it to be done in simple mode (active/standby failover). Any idea will be welcomed.

OK, now I understand what you need.

Most users need only the single default «vs0» virtual sensor

To get traffic from the ASA to send to the SSM for follow-up here are the basic steps:

(The assumption is that you have already previously connected and changed the password and went through the steps in "setup" to set the IP address, network and other settings on your sensor mask.)

(1) in the AIP - SSM (telnet or ssh) session as the default user "cisco".

(2) adding interface backplane of the AIP - SSM GigabitEthernet0/1 in the virtual sensor default "vs0" using these commands:

Configure the terminal

service-analysis engine

vs0 virtual sensor

phyiscal-interface GigabitEthernet0/1

output

output

Answer Yes when prompted

output

NOTE: The above could also be done through the advanced configuration command, or could be done through ASDM or IDM. To put it simply I just give you the CLI commands.

3) connect to the ASA CLI. If you're "ridden" on the SSM, then an exit from your session will respond to the ASA CLI. If connect you via the console through a ssh or telnet or ASA ASA.

(4) set the ASA to send traffic to the AIP - SSM.

To do this, you would create an ACL for the traffic you want to monitor. This ACL is then used to create a class map. The plan of the class is then added in a political map. The political map is applied.

Here's an example of how you can get any traffic to monitor histocompatibility of the AIP - SSM:

conf t

IPS ip access list allow a whole

my class-map-ips-class

corresponds to the IP access list

Policy-map global_policy

My ips-category

IPS overcrowding relief

global service-policy global_policy

NOTE: The foregoing will send all IP packets to the SSM for surveillance of promiscuity. To change monitoring online simply substitute "inline" instead of promiscuity in the line of configuration of IP addresses.

Note 2: The service-policy command is a reptition of the command that should already be in your configuration of ASA by default. So, it will probably generate an error/warning letting you know that the policy is already applied.

IF you do not use the default configuration on the SAA and instead create your own policy, then you can use the steps above, but add the class to your own policy rather than the value default 'global_policy '.

(4) repeat steps 1 and 2 on the MSS of your Eve ASA.

The configuration of the AIP - SSM does NOT automatically copied between the AIP-SSMs. If you need to do the configuration manually on the two AIP-SSMs.

(5) connection to standby you ASA and check tha the configuration in step 3 is automatically copied to your Eve ASA.

The steps above are in force at step 4/5 in your original list.

Your AIP - SSM should now be followed by traffic.

You can now proceed to step 6 of your original list.

Tags: Cisco Security

Similar Questions

  • Help me REMOVE the duplicate folders My Documents and others created automatically when I install Virtual PC in XP Mode to run older programs. I removed the computer virtual and XP, but it does not remove the My Documents folders duplicate.

    While trying to run some older programs (Corel) in characteristic as advertised XP mode from my new Dell laptop and Windows 7 PC, I created Virtual PC and XP mode Setup.  Somewhere during this process, the system created in double My Documents, my pictures, my videos, files etc. that you can not (no authorization) access through Windows 7.  I understand that they may is accessible while you were in Virtual PC.   I came to my senses after the poor performance of Windows XP/Virtual PC and decided to remove remove these programs (and buy Corel for Win7).  I followed the instructions for a good dismantling of Microsoft who think in the end, these inaccessible files would disappear and I would have a struture of own file again.  However, duplicate inaccessible folders still remain and I can't get rid of them.  Believe me - it's a pain because it's very confusing when you browse folders.   There is no files in these folders, so there is nothing that we need to go.

    Please, for the love of peace in my family, tell me how I can get the PC back where it was when we first install Windows 7.   And - what's the problem of not having a complete control of my pc?  Personally, I'm offended that Microsoft has locked the users so that they cannot use their own brain - apparently I'm not the only one...  If you are willing to share, I would appreciate a detailed response.

    Hello, SuperMomNot

    Where are these records?

    Virtual PC will create only shortcuts to installed applications in XP mode, no records. The ability to open and save files that are stored on the host computer is made via the network sharing of files between the two.

    David
    Microsoft Answers Support Engineer
    Visit our Microsoft answers feedback Forum and let us know what you think.

  • backup of the virtual machine fails HotAdd mode if the virtual machine is running?

    backup of the virtual machine fails HotAdd mode if the virtual machine is running?

    sometimes. When vmware tools is outdated, some os comments will be omitted to suspended snapshot. During this time, the backup may have failed.

  • How to assign the IP address of the virtual machine on VMware Server 2.0.

    Hey guys,.

    I've been busy, actually not really busy, spent my whole day with this problem... I could just find the same solution I am looking for all the documents...

    I have a VMware Server 2.0 installed on CentOS 5.2, and I have 5 dedicated IP address or static with this server...

    Now, I created a VM with CentOS 4.7 for testing purposes, but I don't know how assing one of the IP address for this virtual machine.

    I want to just that my VM to be accessible from external internet connections...

    I have;

    64.XX.XX.218

    64.XX.XX.219

    64.XX.XX.220

    64.XX.XX.221

    64.XX.XX.222

    assigned IP address. First of all it is belong to the main server dedicated, I would attribute the 220 IP to my VM, but how? It's worth it to me...

    Any help will be much appreciated...

    Best regards

    Sezer DEGE.

    silencegate wrote:

    This server hosted one of the DC in the United States

    Okay, that means, is not in your server room.

    Your computer has several available ethernet network interfaces: eth0, eth0: 0,

    eth0: 1, eth0:2, eth0:3. Which do you want to bridge vmnet0?

    Your server has only one physical ethernet interface. But there are multiple ip addresses configured on it. If you want to know, how it works and how it is configured, you can read this page.

    You need to reconfigure your network VMware Server 2 to fill the other or several networks. VMware Server documentation is explained on p. 222 and following. In fact, for linux, it is page 229 and includes 'ifconfig' to know what special device (eth0: 0...) what IP address, then run ' vmware - config.pl ' is used to assign the new configuration. But please read the documentation for more details.

  • HP50g - assign the submenu of debugging to a key in user mode

    How to assign the submenu of debugging (in Lshift/PRG/RUN) to a key?

    Thank you

    It's menu 41, so if you set < < MENU 41 > > a key, which will display the Debug menu.

    This is a very key assignment practice: < < 41 MENU DBUG > >.  It takes a program (or the name of a program) at level 1 of the battery and running the debugger on it, with the Debug menu is displayed.  I keep assigned to leftshift-wedge-PRG (i.e. keycode 42.21).

  • Assign the Vlan of a vnic

    Hi all

    I'm working on it for about 2 years in a hospital, I have most of the virtualized servers.

    So two years ago, I created a server of access point for patients, running solid rock. But for precautions I virtualized vmware, machine machine have two network cards and the "output" nic is on a different IP range and Vlan that I created only for the hotspot. What can I do to assign the ID of the vlan hotspot in my eCard network of 'exit' on the virtualized machine hotspot?

    IM Portuguese, so my first language not English hope, you guys can understand.

    Thanks in advance,

    Kind regards

    You have several ways to allow multiple VLANS works on ESXi\;

    Method 1: Configure the interface port on the side of physical switch ' trunk/tag' mode and on vSwitch create several groups of ports and assign a VLAN to each group of ports and when the interfaces are added virtual network in VM, bind each virtual network interface to the appropriate port group.

    Method 2: If you have several network interfaces physical on vSphere, ESXi, configure each interface on a physical switch port to VLAN appropriate and create a vSwitch (and a group of ports) for each VLAN and adding VM virtual network interfaces, bind each virtual network interface to the appropriate port group.

    Method 1 is recommended, as it will allow you add several VLANS you need without needing additional physical network interfaces.

    PS. : EU sou brasileiro e posso com você em Português speak to você desejar.

  • Why do I get an error when I try to change the mode of scanning by programming engine?

    Hello

    I have a problem with my EtherCAT system.

    The system contains:

    a RT PXI-8840

    2 position with EtherCAT sensors

    and 8 inverters with EtherCAT (with Softmotion plugin and xml file)

    I use LabVIEW 2015 with RT and FPGA Softmotion module.

    At the beginning of my code I pass the engine scan mode in configuration mode and then the active mode programmatically. It works well when I start my code with LabVIEW but I get an error when I use a startup application. The error code is-2132869095 (the deployment link has expired). I've tried also with a code containing just the screw for the switching of the mode of scan engine and nothing else. With this, I get the same error.

    The problem occurs when one or more inverters are involved in the project.

    Anyone an idea what I need to do to avoid this error?

    Thank you.

    Hello

    the two cases mentioned in my last post have solved the problem. I have to follow this exact sequence and I expect that the analysis engine is running.

    Now, my startup application runs.

  • How to get out the mode safe mode with msconfig.

    I'm working on my computer and need to start in safe mode. I ran the msconfig and reboot the laptop. I get to the login screen, but when I get my username and password it tells me that the user name and password is not correct. How to get out the mode safe mode with msconfig.

    When you run msconfig to get set to Safe Mode, you just activate/check the option/SafeBoot at startup. INI tab or did you do something else?

    There is some malware that if you use the/SafeBoot option, you will not be able to use your system again until you remove the switch/SafeBoot the boot.ini for you can boot normally.

    Maybe it's not your exact problem, but I will never suggest to anyone to use the option / SafeBoot never again - too risky when troubleshooting since you can always start new or will never connect again until you remove the switch/SafeBoot.

    Anywho, if that's what you have done, you can start in the XP Recovery Console and then either make a new boot.ini file containing the switch/SafeBoot or simply rename the boot.ini file, you have something like boot.ini.old if you don't have a boot.ini file (I know it seems like a weird idea).

    In a single partition configuration, XP is not even a file boot.ini to boot.  XP will complain if there is no boot.ini file, but will always start very well without one (non-believers - try it!).

    After you get booted up and logged in, you can rename boot.ini.old in boot.ini and run msconfig to remove the option/SafeBoot, and never use it again.

  • MS-DOS 16-bit subsystem. The system does not support the mode full-screen.

    I when even run some dos applications, which allows to work ok under XP mode full-screen, but when you use Vista or Windows 7. I can only rum these applications in a window.
    The error message is

    MS-DOS 16-bit subsystem. The system does not support the mode full-screen.

    Please is anyway I could run in fullscreen... I don't want to use a virtual machine.

    Any advice would be greatly appreciated

    Of Ernest24

    http://www.dosbox.com/

    You might be interested in reading about DosBox.

    See you soon. Mick Murphy - Microsoft partner

  • Hi I'm window7 user, I bought a creative cloud for students and teachers. but all the downloadable test app. That's why I tried 'buy now' button, "that assign the right to use" CC redownloading but "unlicensed" pop up. Help me.

    Hi I'm window7 user, I bought a creative cloud for students and teachers. but all the downloadable test app. That's why I tried 'buy now' button, "that assign the right to use" CC redownloading but "unlicensed" pop up. Help me.

    Hi decoen,.

    Your subscription is activate kindly try to disconnect from Creative Cloud app and reconnect.

    Please consult Creative Cloud applications unexpectedly back in the test mode. CCM, CS6

    Troubleshooting FAQ: What should I do if I have a subscription, but my application acts as if I had a trial?

    It could be useful!

    Rayyan

  • Assign the page file (.vmem) VM a specific file and folder name.

    My AV (Comodo) analysis file (.vmem) VM paging to death (the hosts making it unusable).  I want to assign the file to the SSD and give it a permanent name.  I read that I can attribute the work of virtual machine files directory and this will help you.  The problem is Comodo.  Can I exclude a file or folder of the analysis, but the mutation .vmem file name prevents the exclusion to work whenever I turn off / the virtual machine.  Thanks for any help.  Enjoy, John.

    EDIT: I just restarted my VM and host and then grew up the virtual machine.  He continued to wear the same name of file (.vmem).  It will continue to be this way?

    One option is to add the following parameter to the file vmx of your comments (with comments turned off and closed player).

    mainMem.useNamedFile = "false".

    This will change the behavior to NOT use the named file for the permutation of VRAM.

    If this does not change the behavior, you may need to change the host config.ini file and add the line there instead.

    Personally, for any AV I always exclude my file to the root of the VMS under analysis, given that the files are constantly changing and open, and the files themselves do not contain viruses. This is NOT to say that the customers themselves can not GET a virus inside their own operating system... but the files to your host will not some virus shipped including your AV needs to scan contain.

  • cannot enter in the Mode target Mac 10.10

    Hello

    I'm running OS X 10.10 and 10.9 of VMS in Fusion. When I try to enter in the Mode target system-> startup disk preferences, it has no listed target Mode option. And I can not enter in T-mode T pressed to start upward.

    Any ideas?

    Thank you!

    Hi ITMan01,

    Target disk mode is a feature provided by the firmware of the Apple system and does not part of Mac OS X.  We don't currently implement this feature in our virtual machine firmware, so target disc Mode is not available in a VMware virtual machine.

    Thank you

    --

    Darius

  • With regard to the mode of transport SYNC

    Version: 11.2.0.3
    Operating system: Unix/Linux platforms

    I'm new to Data guard

    It's that I understood on the SYNC mode after googling and read 11.2 doc. correct me if I'm wrong.

    SYNCHRONIZATION (synchronous Transport Mode)
    ======================

    With the transmission SYNCHRO mode, LGWR is not allowed to recognize that a commit succeeded until the LNS confirms that it again to retrieve the transaction was written to the Redo logs waiting in the standby.
    Until LGWR extracted this confirmation of LNS, the database is suspended and the validation operation is supported. That is to say. In the event of failure of a network between the (primary) production database and the standby database which prevents the
    again to be written in the newspapers waiting to roll forward, then the primary database will block.

    SYNCHRONIZATION method is also referred to as method "Zero data loss.

    But there is an attribute called NET_TIMEOUT for LOG_ARCHIVE_DEST_n parameter; Assigned (in seconds) decides how long LGWR should wait to hear from LNS on scripture to redo in Standby Redo Logs.

    The default value at 11.2 is 30 seconds. After 30 seconds, if LGWR cannot hear the LNS on a succesfull write to redo in Standby Redo Logs, process LGWR disconnects from the LNS and acknowledges the primary VERIFICATION and allow
    DB primary to continue treatment even if he can no longer communicate with the day before.

    This isn't strictly "zero data loss" as a VALIDATION has been recognized in the primary despite the entrance of again as a result of this change is not written for the eve SRL. Right?



    Question2.

    In all our Prod DBs, LOG_ARCHIVE_DEST_2 is set to the value below. No idea what type of protection is this DB in?
        MAXIMUM PROTECTION
    or
    MAXIMUM AVAILABILITY
    or
    MAXIMUM PERFORMANCE ?
    service="HEWRMS_DG", LGWR SYNC AFFIRM delay=0 optional compression=disable max_failure=0 max_connections=1 reopen=300 db_unique_name="HEWRMS_DG" net_timeout=30, valid_for=(all_logfiles,primary_role)

    This isn't strictly "zero data loss" as a VALIDATION has been recognized in the primary despite the entrance of again as a result of this change is not written for the eve SRL. Right?

    You'll only no loss of data if you have maximum protection. If the primary is unable to reach the day before, it stops after a fixed delay. Oracle recommend two standby mode if you want maximum protection.

    In available maximum primary will try to reach the previous day in the net_timeout value and whether it will commit the transaction and move. It will essentially drop down for maximum performance until it can connect to the waiting again.

    Check the mode of protection of data.

    select protection_mode from v$database;

    Should read: you only have the guarantee of no data loss with maximum protection. You have no data loss with maximum availability until your watch and network are correct.

    Published by: Freddie Essex on 5 June 2013 11:18

  • VMware hypervisor 5 license returns to the mode of assessment on reboot

    I have a current execution machine hypervisor and I installed the license via the vmware vsphere client, configuration tab and it shows under license. I can view the logs of system on the host itself and see that the license is installed under display support information.

    The question is when I turned off the hypervisor, rear power on the server returns to the mode of assessment and I lose my vm. I then have to recreate the virtual machine and under Select a disk, use a previously configured disk.

    What happens in the devil, I am doing wrong?

    I would like to do a reinstall of ESXi.  There is something wrong with the installation because /altbootbank is not mounted.

  • Updated to Lion - problems with the mode of the unit

    I've recently updated my iMac - 8 GB ram, 1 TB hd - manufactured 2010.

    I had a VM for pre-existing (Win XP Pro) that I had left my PC.  Although very well, I can use the virtual machine in stop mode, the unit was very buggy.  I lost control of the mouse, the screen redraws is a problem and copy / paste between the VM and the Lion are incompatible.

    I've upgraded to the latest version of VMware 3.1.13 - (sorry if this isn't the correct version number - but I've upgraded).

    Has anyone else had problems with the mode of the unit?

    VMWare has been notified of this issue and if so, is there no work around?

    Thanks for any help on this.

    You reinstall your VMware tools after upgrade to 3.1.3 Fusion?

    Go to the menu of Fusion, the Virtual Machine-> install VMware Tools, after completing the installation, restart your guest and see if the unit is very well.

Maybe you are looking for