Table of Contents
Note: The ASA 5585-X with SSP-10, SSP-20, or SSP-40 ships with one power supply module installed and one power cable. The ASA 5585-X with SSP-60, ships with two power supply modules installed and two power cables.
The ASA SSP resides in slot 0 (bottom). A second SSP (or network module) can be installed in slot 1 (top). When you install a non-ASA SSP in slot 1, all non-management interfaces belong to the ASA in slot 0, while the management interfaces belong to the module. If you install dual ASA SSPs, then they are completely independent systems.
See the following table for default configurations for the Management interfaces depending on which module is installed in slot 1. Note that the left-hand Management interface (when facing the back of the chassis) is not configured by default.
All management traffic to and from the non-ASA SSP must enter and exit the Management 1/0 or 1/1 interface. Because this interface is not an ASA data interface, traffic cannot pass through the ASA over the backplane; you need to physically cable the management interface to an ASA interface. Non-ASA SSPs usually need Internet access for updates. See the following typical cabling setup to allow SSP access to the Internet through the ASA management interface. Other options are possible, depending on how you want to connect your network; for example, you can make the Management 1/0 interface outside facing; or you can route between it and a different ASA interface if you have an inside router; and so on.
1. Cable the management and data interfaces. See 3. Network Considerations for Multiple SSPs for a sample cabling scenario.
2. If you do not use the Management 0/0 for ASA management, you need to configure a data interface for management. Do one of the following, then recable the computer so it is on the new management network:
–Temporarily connect to Management 0/0, launch ASDM (see 5. Launch ASDM), and configure a data interface for management.
The interfaces available depend on your model. See the hardware guide for more information.
Using ASDM, you can use wizards to configure basic and advanced features. See the ASDM release notes on Cisco.com for the requirements to run ASDM.
Note: If you choose to click Install ASDM Launcher, in some cases you need to install an identity certificate for the ASA and a separate certificate for the ASA FirePOWER module according to Install an Identity Certificate for ASDM.
ASDM includes many wizards to configure your security policy. See the Wizards menu for all available wizards, including the Startup Wizard for initial deployment. To continue configuring your ASA, see the documents available for your software version at Navigating the Cisco ASA Series Documentation.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)