Recover password of the IPS module (ASA)
Dear experts,
I have an ASA 5500 series with AIP SSM (IPS module), the username and password are lost.
According to cisco portal, there are two approaches to recover the password:
1 using the CLI command: hw-module module reset slot_number password;
2. with the help of ASDM--> tools--> 'IPS password reset.
Not sure whether the two commands to achieve the same result (retrieve password) or they may have different results (i.e. need to reset the module).
The device is online, reset module is not privileged.
After checking the information from the internet, it offers to reset the IPS module. Any problem will be produced if the IPS module is not reset?
RDG
Anita
Hi Anita,.
You can try using:
HW-module module slot_number password reset
Who will reset just the IPS to its default username/password:
Cisco and cisco
You can access the ASA CLI IPS:
session 1
Then type cisco and cisco (username/password)
For example, you could add a new password.
Don't forget to evaluate and select the right answer.
Tags: Cisco Security
Similar Questions
-
Dears
I have set up the module IPS with the Setup command and are initialized, but when I tried to access the IPS via ASA ASDM and save any changes he continues to tell me that I don't have sufficient rights?
Please check the gasket and advise what causes this case?
Connect with a user "admin". But there is more "Viewer" - rights for this user. Open a session in the sensor with the default 'cisco' user and the password you provided when you first login and change the user role of the user "admin" to "administrator."
-
What traffic is copied to the IPS Module?
We have an ASA5585-X with installed PSS-10 module that we test. External interface of the firewall is connected to the internet and has a public address. We have installed 4.2 CSM and send IPS events to it.
After that we have configured the IPS module, we expected to get a lot of alerts for attacks from the internet, but we see almost nothing.
The ACL on the external interface does actually not much, just a few SMTP, DNS, HTTP, SSH.
My question is this - the IPS would all see the attacks/traffic from the internet or JUST packages that have passed the external ACL?
I suspect that's why we rarely see alerts - can anyone confirm this?
Thank you
//\/\\\
If traffic was abandoned by the ASA, then IPS will have no visibility to it.
Kind regards
Sawan Gupta
-
I am trying to push an update via tftp for my IPS module, but am not sure how this cable.
ASA internal Int: 10.1.3.1
ASA IPS Mod: 10.1.9.201
ASA IPS GW: 10.1.9.1
What I owe my TFTP server directly to cable IPS module, or does it go in the interface internal? I tried both and my TFTP server is not displayed all traffic.
The AIP - SSM module has its own management interface (it is the only ethernet on the face of the module). This must be connected to your TFTP server. Either directly (through a rollover cable) or through a switch or router.
-
Where can I get the license for the IPS module file?
We just bought an ASA 5515 X with internal IPS module.
I registed the IPS with Cisco and got a license key
However, the module IPS needs a license file (, lic)
I see nothing in the documentation or the instructions that came with the device to get this file. I don't see anything on the cisco Web page of license.
can someone help me?
Try this
-
Recover password of the IPCC business database officer?
Hi, I'm looking for a way to read the password of the agent of the IPCC Enterprise directly to the Person table.
The password field is encrypted, someone knows the encryption algorithm and key?
Thanks in advance!
I don't know if you got the answer to this question, but there is no any way to decrypt the password of the agent. The product uses a mechanism of one-way hash when the password is first created and stored and it is checked each time.
-
All Cisco ASA 5510 have the IPS modules
I am new to the use of Cisco Networking products. I gave me a mission to determine if our company 5510 and 5505 IPS/IDS. In doing my research I discoververed 5505 have no IPS/IDS, but you can buy a card and 5510 have modules IPS/IDS. How can I determine whether my 5510 modue (s) IPS/IDS
only the new x (but not the 5585) ASAs have software modules. There on the 5505 and 5510 hw modules. But first, you must bring your ASA-access in the order. You can try different browsers, but also make sure that your Java is up to date.
Sent by Cisco Support technique iPad App
-
Hello
I stop the sensor to check some latency issues, but now I want to start
When I'm enter ip address, usrename, password its asdm not to connect.via
We use the module aip-ssm20
Hi again
No - you have 'shutdown-it' - it's down - you can recharge from the SAA itself - hw-module 1 similar og reset module
best regards /ti
-
IPS in ASA 5510 killing upload speed
I've recently updated by a circuit of ethernet metro 20 MB for a 100 Mb connection. My ASA 5510 severely limits the my download speed. I narrowed down it to the IPS module. If I stop to send traffic to the IPS, I get speeds of download between 50-85 Mbps. If I start sending through again, my download speeds are between 3-7 Mbps. In both cases, my speeds range between 70-92 MB/s, so it's really affecting only my upload speed. Is there anything I can do for my traffic IPS, so I can still use my modules and still take advantage of the speed upload huge we pay for?
Here is some info from my ASA:
I am matching all traffic:
allow traffic_for_ips to access extensive ip list a whole
Here is my policy and class parameters:
class-map inspection_default
match default-inspection-traffic
class-map-botnet-DNS
match eq field udp port
class-map ips_class_map
corresponds to the traffic_for_ips access list
!
!
type of policy-card inspect dns preset_dns_map
parameters
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the ftp
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
inspect the preset_dns_map dns
class ips_class_map
IPS inline help
botnet-policy policy-map
botnet-DNS class
inspect the snoop-filter-dynamic dns
!
global service-policy global_policy
service-policy botnet-policy to the outside interfaceIf anyone has any ideas, I'd love to hear them. Thank you.
Created: May 13, 2011 18:49 created by: Chevrel, customer Aastha(AACHAUDH,265429) was experiencing slow download speeds (3-7 Mbps) on in ASA 5510 IPS module. Download the range of speeds between 70-92 MB/s
Used the workaround for the bug No. CSCsv69844 , i.e. to set the depth of Regex to 800000 (Please note that this workaround should not serve with the recommendation and approval of the ATC.)
-
IPS of ASA journals collection
Hello
How can I collect newspapers of the IPS of the ASA? My firewall is ASA 5515 x, 9.1 (5) with module version IPS 4,0000 E4. Please let me know the commands to view the logs of IPS, also, how can I monitor these logs?
Kind regards
Martin
You must use either:
a. Device Manager IPS (basically ASDM pointed toward the IPS vs ASA address address and used real time connect to the visualization and the configuraiton)
(b) IPS Manager Express (keeps newspapers even when not active GUI, allows to manage several IPS), or
cisco Security Manager.
The first two are free tools for IPS unique or small facilities, and the third is a licensed - the company-wide product.
-
Reset password for the AIP - SSM-10
Hello
I have an ASA5520 with 7.2 v 2 running.
but the IPS module spftware is 5.1
When I tried to connect to the > session 1
He asked me a login and a password.
I tried the cisco and a few other combinations... but no luck.
How to reset it? also the procedure to reset on the docs said its password resets or the cisco of the user...
How can I be sure that the cisco of the user still exists about it or not?
any help please?
The only way to get the software for your module is to download via the software centre of Cisco.com. You will need a Smartnet contract or account of the BCC to access downloads.
You'll be able to reimage the module with the 6.0 software, but it is advisable to reimage it with the most basic image. You can always switch from there!
Information on the site is in the following document:
Hope this information helps, if it does; Please note!
Kind regards
Michael
-
Problem to run the IPS of ASDM
Hi guys, I have an ASA 5520 ver 8.4 with a module AIP-SSM-40, when I finished the configuration, I can ping from ASA IPS module and the IPS module to ASA. I can ping IPS module to my PC and so on. the problem is when I try to launch the IDM (IPS tab) of the ASDM,
This error message appears on the GUI. Error connecting to the sensor. Load sensor error. I have connected the interface of management of IP addresses to a switch, the ASA is connected to the same switch, and my PC is also connected to this switch, all in the same vlan.
Can you help me on what can I do to solve it.
Thank you.
Hi Hugo,.
Please see the following link
https://supportforums.Cisco.com/thread/2092783
http://www.Cisco.com/en/us/products/ps6120/products_tech_note09186a00808908d5.shtml
Kind regards
Prashant
-
Just got an ASA with a SSM - 20 module. I am trying to determine the latest revision of sensor for the IPS module software. V5.1 (7) E1 has a date of October 18, 2007 and the 3,0000 E1 version has a date June 28, 2007. Which is the latest version?
6.x is the latest version. What you're talking about are simply patch levels. It is certainly possible that the versions 5.x and 6.x are both actively maintained (I was not paying much attention to 5.x since coming to 6.x). The press release or the patch 'most recent' is compared to the version of the software you are using. IOW, if 8,0000 E1 is released tomorrow, 3,0000 E1 is still the latest hotfix for customers running 6.x.
-
Hi, I'm currently running active / standby and my sometimes (twice a year) IPS module goes on which triggering a failover. The current status is:
This host: secondary: enabled
Another host: primary - failed
and on the primary host-: slot 1: ASA-SSM-10 rev hw/sw (status 1.0/6.1(1)E3) (does not/high)
I know that I have to go in the module and hw-module module reset. But I opened a file and got a replacement Module ID. Do I need to power down my ASA primary, it is in mode of failover in any case... If I turn off, it would result in any question of production since I am currently on secondary. Also, I read that the module will not keep or config between synchronization devices. How can I access the configuration of the IPS module so that I can put it in the new module?
Thanks for the reply.
FYI, these issues must be addressed with the CSE assigned to your request for Service of TAC where RAM was arranged. I'll take a shot at answering them, but when you use a query from Active Service of the TAC, you must act together with the CSE assigned to issues related to the issue.
Do I need to power down my primary ASA
Yes, sensor AIP - SSM modules are not able to SEE (Insertion/withdrawal online). ASA in which the sensor module is replaced must be powered down before removing the faulty sensor module and before installing the replacement.
if I do power down, would it cause any issue to production since I am on secondary right now.
If the other Member of the ASA of the failover pair is currently active and its sensor module is in Place, then power the unit standby off ASA should not affect traffic.
I have read that the module won't retain or synch config between devices. how do i access the configuration of the IPS module so that I can put it into the new module?
Correct, the sensor modules do inheritly not synchronize or replicate their configuration (such as units of the ASA of the failover pair). If you are able to access the defective sensor module long enough to get a copy of the "show config" command, you can integrate this same output in the replacement sensor module.
Finally, note that the Unresponsive State can be caused by hardware problems. IPS 1.0000 E3 (which is what you seem to be running) is very old and is more directly supported. You need to upgrade to a modern version, supported (E4 7.0 (6) or 6.2 (4) E4), which contain a lot of bugs, which some correct problems that might otherwise cause the module become Unresponsive.
-
Hello
I have configured the IPS in my ASA 5520, but I can't find my IPS is working or not. The only thing I can see CPU usage in IDM. Can you help me please how I can view the IPS module activity? I have installed IDM & ASDM in my PC.
Thank you.
Concerning
Mauduit
Please check the Inspection by IDM or IPS CLI (see the virtual sensor stats).
Using the "show stats-sensor virtual", it also shows, the number of packets is processed, what signatures are updated with fire, etc..
Kind regards
Sawan Gupta
Maybe you are looking for
-
Last 5-6 months, I'm not able to access my Mozilla firefox google account, but access from IE.Following error messages appear... "We have detected a problem with your cookies settings.Enable cookiesMake sure that your cookies are enabled. To enable c
-
How do I change or update the graphics card on a HP ENVY 17 - j020us Quad Edition Notebook PC
I want to know if I can add another video card or if I can swap the video card to intel-4400 HP provided with this computer. I tried to look on the sites of HP and may not know if the graphics card is integrated or if she is separated.
-
How to fix the black screen of my hp pavilion g6
How to fix the black screen of my hp pavilion g6
-
Hi all I'm testing an application that uses the Rad_error_nocontent to which the device is fixed... at some point the problem is that I'm not able to get this value in some way. My BONES objective: BB10.2-> Android jellybean (API, 17) My device: Z10
-
Gradient of 'problem' in groups
Hello! We have a problem to apply the gradient effect to a group. It manages the entire group as a single object when it comes to gradient. All other effects is applied per / layer.Just to show here are the results:'This is what happens when adding t