Cisco Content Security and Control SSM Administrator Guide, 6.1.1569.0 - Reimaging and Configuring the CSC SSM Using the CLI [Cisco Security Modules for Security Appliances]

Table Of Contents

Reimaging and Configuring the CSC SSM Using the CLI

Installation Checklist

Preparing to Reimage the Cisco CSC SSM

Reimaging the CSC SSM

Confirming the Installation

Viewing or Modifying Network Settings

Viewing Date and Time Settings

Viewing Product Information

Viewing or Modifying Service Status

Using Password Management

Changing the Current Password

Modifying the Password-reset Policy

Restoring Factory Default Settings

Troubleshooting Tools

Enabling Root Account

Showing System Information

Collecting Logs

Enabling Packet Tracing

Modifying Upload Settings

Resetting the Management Port Access Control

Pinging an IP Address

Exiting the Setup Wizard

Resetting the Configuration via the CLI

Reimaging and Configuring the CSC SSM Using the CLI

This appendix describes how to reimage and configure the CSC SSM using the CLI, and includes the following sections:

•Installation Checklist

•Preparing to Reimage the Cisco CSC SSM

•Reimaging the CSC SSM

•Resetting the Configuration via the CLI

The Trend Micro InterScan for Cisco CSC SSM software is preinstalled on the adaptive security appliance. Normally, you only need to use the information in this appendix for password or system recovery procedures.

Note If installation is required, the Setup Wizard launched from the ASDM is the preferred method of installation. For more information, see Cisco ASA 5500 Series Adaptive Security Appliance Getting Started Guide.

Installation Checklist

Before you start, be prepared to supply the following information during installation, shown in Table A-1. If you prefer, you can print a copy of this table and use it as a checklist, to record the values you enter.

Table A-1 Installation Checklist

Information Requested

Information Entered

Completed

Administrator password for the CLI

Do not record your password.

—

SSM card IP address

Subnet mask

Hostname (1 to 63 alphanumeric characters; can include hyphens, except as the first character). For example: cisco1-ssm-csc

Domain name

Primary DNS IP address

Secondary DNS IP address (optional)

Gateway IP address

Proxy server? (optional)
If yes:
Proxy server IP
Proxy server port

Domain name for incoming mail

Administrator password for the CSC SSM console

Do not record your password.

—

Administrator e-mail address

Notification e-mail server IP

Notification e-mail server port

Base License Activation Code

Plus License Activation Code (optional)

Preparing to Reimage the Cisco CSC SSM

During installation, you are prompted to synchronize the date and time on the CSC SSM with the security appliance. Before you begin, make sure that the date and time settings on the adaptive security appliance are correct.

To prepare for reimaging, perform the following steps:

Step 1 Download the Trend Micro InterScan for Cisco CSC SSM software to your TFTP server.

Step 2 Using a terminal application such as Windows HyperTerminal, log on and open a terminal session to the adaptive security appliance console by entering the following command:
hostname# hw module 1 recover config
The system response is similar to the following example:
Image URL tftp://insidehost/CSCSSM-6.1.1519.0.img]:tftp://insidehost/CSCSSM-6.1.1519.0.img
Port IP Address [000.000.0.00]: 
VLAN ID [0]: 
Gateway IP Address [0.0.0.0]: 
hostname# hw module 1 recover boot
The module in slot 1 will be recovered. This may 
erase all configuration and all data on that device and
attempt to download a new image for it.
Recover module in slot 1? [confirm]
Step 3 Enter y to confirm.
Recover issued for module in slot 1
Step 4 Enable the debug module-boot command.
hostname# debug module-boot 
debug module-boot enabled at level 1
hostname# Slot-1 199> Cisco Systems ROMMON Version (1.0(8)1) #0: Thu Jan 20 20:28:49 PST 
2005
Slot-1 200> Platform SSM-IDS20
Slot-1 201> GigabitEthernet0/0
Slot-1 202> Link is UP
Slot-1 203> MAC Address: 000b.fcf8.0134
Slot-1 204> ROMMON Variable Settings:
Slot-1 205>   ADDRESS=192.168.7.20
Slot-1 206>   SERVER=192.168.7.100
Slot-1 207>   GATEWAY=0.0.0.0
Slot-1 208>   PORT=GigabitEthernet0/0
Slot-1 209>   VLAN=untagged
Slot-1 210>   IMAGE=CSCSSM-6.1.1519.0.img
Slot-1 211>   CONFIG=
Slot-1 212> tftp CSCSSM-6.1.1519.0.img@192.168.7.100
Slot-1 213> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Slot-1 214> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
.
.
.
Note This process takes about ten minutes.
.
.
.
Slot-1 389>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Slot-1 390> Received 57985402 bytes
Slot-1 391> Launching TFTP Image...
Slot-1 392> Cisco Systems ROMMON Version (1.0(8)1) #0: Thu Jan 20 20:28:49 PST 2005
Slot-1 393> Platform SSM-IDS20
Slot-1 394> GigabitEthernet0/0
Slot-1 395> Link is UP
Slot-1 396> MAC Address: 000b.fcf8.0134
Slot-1 397> Launching BootLoader...
Caution The module recovery can loop if the image is corrupt or if the size of the image file exceeds the limitations on the TFTP server. If the module is stuck in a recovery loop, you must enter the following command to stop the module from trying to load the image.
hw module 1 recover stop

Step 5 Disable the debug-module boot command.
hostname# no debug module-boot 
Step 6 Show module 1 details.

Sample code output follows:
JDPIX# show module 1 d
Getting details from the Service Module, please wait...
SSM-IDS/10-K9
Model:              SSM-IDS10
Hardware version:   1.0
Serial Number:      0
Firmware version:   1.0(8)1
Software version:   CSC SSM 6.1.1519.0
MAC Address Range:  000b.fcf8.0159 to 000b.fcf8.0159
App. name:          CSC SSM
App. Status:        Down
App. Status Desc:   CSC SSM scan services are not available
App. version:       CSC SSM 6.1.1519.0
Data plane Status:  Up
Status:             Up
HTTP Service:       Down
Mail Service:       Down
FTP  Service:       Down
Activated:          No
Mgmt IP addr:       <not available>
Mgmt web port:      8443
Peer IP addr:       <not enabled>
Step 7 Open a command session.
hostname# session 1
Opening command session with slot 1.
Connected to slot 1. Escape character sequence is 'CTRL-^X'.
Step 8 Log in to Trend Micro InterScan for Cisco CSC SSM using the default login name "cisco" and password "cisco."
login: cisco
Password: 
Step 9 Change your password immediately. Do not use the same password that you use to access the ASDM.
You are required to change your password immediately (password aged)
Changing password for cisco
(current) UNIX password: 
New password:
Retype new password: 
Reimaging the CSC SSM

This section describes how to reimage the CSC SSM, and includes the following topics:

•Confirming the Installation

•Viewing or Modifying Network Settings

•Viewing Date and Time Settings

•Viewing Product Information

•Viewing or Modifying Service Status

•Using Password Management

•Restoring Factory Default Settings

•Troubleshooting Tools

•Resetting the Management Port Access Control

•Pinging an IP Address

•Exiting the Setup Wizard

To reimage the CSC SSM using the CLI Setup Wizard, perform the following steps:

Step 1 Log in to the adaptive security appliance using the administrator username and password.

After you confirm your administrator CLI password, the Trend Micro InterScan for Cisco CSC SSM Setup Wizard appears.
Trend Micro InterScan for Cisco CSC SSM Setup Wizard
-------------------------------------------------------------------------- 
Do you want to restore the previous configuration? [y/n] n
To set up the SSM, the wizard prompts for the following information:
1. Network settings
2. Date/time settings verification
3. Incoming email domain name
4. Notification settings
5. Activation Codes
The Base License is required to activate the SSM.
Press Control-C to abort the wizard.
Press Enter to continue ...
Step 2 Enter 1 to configure network settings.

The Network Settings prompts appear.
Network Settings
-------------------------------------------------------------------------- 
Enter the SSM card IP address:
Enter subnet mask:
Enter host name:
Enter domain name:
Enter primary DNS IP address: 
Enter optional secondary DNS IP address:
Enter gateway IP address: 
Do you use a proxy server? [y|n] 
Step 3 Respond to the network settings prompts, using values from the installation checklist. When you are finished with the last network settings prompt, your entries appear for visual verification. For example:
Network Settings
-------------------------------------------------------------------------- 
IP             000.000.0.00
Netmask        255.255.255.0
Hostname       CSCSSM
Domain name    example.com
Primary DNS    10.2.200.2
Secondary DNS  10.2.203.1
Gateway        000.000.0.0
No Proxy
Are these settings correct? [y|n] y
Step 4 If the settings are correct, retype y to confirm. (If you choose n, the Network Settings prompts reappear; repeat Step 2.)

After you confirm your network settings, the system responds with the following message:
Applying network settings ...
Step 5 (Optional) Confirm the network settings by pinging the gateway IP address. To skip pinging, choose n.
Do you want to confirm the network settings using ping? [y|n] y
Enter an IP address to ping: 000.000.0.0
PING 000.000.0.0 (192.168.7.1): 56 data bytes
64 bytes from 192.168.7.1: icmp_seq=0 ttl=255 time=0.2 ms
64 bytes from 192.168.7.1: icmp_seq=1 ttl=255 time=0.1 ms
64 bytes from 192.168.7.1: icmp_seq=2 ttl=255 time=0.2 ms
64 bytes from 192.168.7.1: icmp_seq=3 ttl=255 time=0.1 ms
64 bytes from 192.168.7.1: icmp_seq=4 ttl=255 time=0.1 ms
--- 192.168.7.1 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.1/0.2 ms
Press Enter to continue ... 
The Date/Time Settings prompt appears.
                       Date/Time Settings
---------------------------------------------------------------------
SSM card date and time: 10/06/2005 18:14:14
The SSM card periodically synchronizes with the chassis.
Is the time correct? [y|n] y
Step 6 Enter y to set the date and time to synchronize with the chassis. Enter n to update the date and time, exit the Setup Wizard, update the date and time or NTP settings on the ASA chassis, and reinstall the SSM.

The Incoming Domain Name prompt appears.
Incoming Domain Name
---------------------------------------------------------------------
Enter the domain name that identifies incoming email messages: (default:example.com)
Domain name of incoming email: example.com
Is the incoming domain correct? [y|n] y
Step 7 Enter your highest level domain name for your organization and then y to continue.

The Administrator/Notification Settings prompts appear.
Administrator/Notification Settings
---------------------------------------------------------------------
Administrator email address: 
Notification email server IP:
Notification email server port: (default:25)
Step 8 Enter the correct value for each setting.

A confirmation message appears, as shown in the following example:
Administrator/Notification Settings
---------------------------------------------------------------------
Administrator email address: tester@example.com
Notification email server IP: 10.2.202.28
Notification email server port: 25
Are the notification settings correct? [y|n] y
Step 9 Enter y to continue.

The Activation prompts appear.
                           Activation
---------------------------------------------------------------------
You must activate your Base License, which enables you to update
your virus pattern file. You may also activate your Plus License.
Activation Code example: BV-43CZ-8TYY9-D4VNM-82We9-L7722-WPX41
Enter your Base License Activation Code: PX-ABTD-L58LB-XYZ9K-JYEUY-H5AEE-LK44N
Base License activation is successful.
(Press Enter to skip activating your Plus License.)
Enter your Plus License Activation Code: PX-6WGD-PSUNB-9XBA8-FKW5L-XXSHZ-2G9MN
Plus License activation is successful.
The Activation Status appears.
Activation Status
---------------------------------------------------------------------
Your Base License is activated.
Your Plus License is activated.
Stopping services: OK
Starting services: OK
The Setup Wizard is finished.
Please use your Web browser to connect to the management console at:
https://192.168.7.20:8443
Press Enter to exit ...
Remote card closed command session. Press any key to continue.
Command session with slot 1 terminated.
hostname# 
The services starting message informs you that installation is complete.

Step 10 Use your browser to log on to the CSC SSM console by entering the URL in the following format:
https://<SSM IP address>:8443/
Confirming the Installation

When the reimaging is complete, perform the following steps:

Step 1 To view information about the CSC SSM and the services you configured during installation, enter the following command:
hostname# show module 1 details
The system responds as follows:
Getting details from the Service Module, please wait...
SSM-IDS/20-K9 
Model: SSM-IDS20
Hardware version:   1.0
Serial Number:      0
Firmware version:   1.0(8)1
Software version:   CSC SSM 6.1.1519.0
MAC Address Range:  000b.fcf8.0134 to 000b.fcf8.0134
App. name:          CSC SSM proxy services are not available
App. version:       
App. name:          CSC SSM
App. version:       6.1.1519.0
Data plane Status:  Up
Status:             Up
HTTP Service:       Up 
Mail Service:       Up
FTP  Service:       Up
Activated:          Yes
Mgmt IP addr:       192.168.7.20 
Mgmt web port:      8443
Peer IP addr:       <not enabled> 
hostname# 
Step 2 To start a command session, enter the following command:
hostname# session 1
Opening command session with slot 1.
Connected to slot 1. Escape character sequence is 'CTRL-^X'.
Step 3 Log in using the default login name "cisco" and the password that you configured on the Administrator/Notification Settings window during installation.
login: cisco
Password: 
Last login: Mon Oct 10 13:24:07 from 127.0.1.1
The Trend Micro InterScan for Cisco CSC SSM Setup Main menu appears.
     Trend Micro InterScan for Cisco CSC SSM Setup Main Menu 
---------------------------------------------------------------------
1. Network Settings 
2. Date/Time Settings 
3. Product Information 
4. Service Status 
5. Password Management
6. Restore Factory Default Settings 
7. Troubleshooting Tools
8. Reset Management Port Access Control List 
9. Ping 
10. Exit ... 
Enter a number from [1-10]: 
Viewing or Modifying Network Settings

To view or modify network settings, enter 1.

The Network Settings prompts appear.
Network Settings 
---------------------------------------------------------------------
IP             192.168.7.20
Netmask        255.255.255.0
Hostname       CSCSSM
Domain name    tester@example.com
MAC address    00:0B:FC:F8:01:34
Primary DNS    10.2.200.2
Secondary DNS  10.2.203.1
Gateway        192.168.7.1
No Proxy
Do you want to modify the network settings? [y|n] n
Viewing Date and Time Settings

To view the date and time settings, enter 2.

The Date/Time Settings prompts appear:
Date/Time Settings 
---------------------------------------------------------------------
SSM card date and time: 10/10/2005 13:27:09 PDT
Press Enter to continue ...
Note You cannot change these settings; this information is for reference only.

Viewing Product Information

To view the product version and build numbers, enter 3.

The Product Information prompts appear:
                       Product Information
---------------------------------------------------------------------
Trend Micro InterScan for Cisco CSC SSM 6.1.1542.0
Press Enter to continue ...
Note You cannot change these settings; this information is for reference only.

Viewing or Modifying Service Status

To view or modify service status, perform the following steps:

Step 1 Enter 4.

The Service Status prompts appear.
Service Status
---------------------------------------------------------------------
The CSC SSM RegServer service is running
The CSC SSM HTTP service is running
The CSC SSM FTP service is running
The CSC SSM Notification service is running
The CSC SSM Mail service is running 
The CSC SSM GUI service is running 
The CSC SSM SysMonitor service is running 
The CSC SSM Failoverd service is running 
The CSC SSM LogServer service is running 
The CSC SSM SyslogAdaptor service is running 
The CSC SSM Syslog-ng service is running 
Do you want to restart all services? [y|n] n
Step 2 Enter y to restart scanning services. Enter n if everything is running smoothly.

Note If you are trying to troubleshoot a problem, restarting may return the SSM to a proper operating status. For more information about the effects of restarting services, see the "Restart Scanning Service" section.

Using Password Management

This section describes how to manage passwords, and includes the following topics:

•Changing the Current Password

•Modifying the Password-reset Policy

To use Password Management, enter 5.

The following prompt appears:
Enter a number from [1-10]: 5
                       Password Management
---------------------------------------------------------------------
1. Change Password
2. Modify Password-reset Policy
3. Return to Main Menu
Enter a number from [1-3]: 1
Changing the Current Password

To change the password, perform the following steps:

Step 1 Access the Change Password command, as shown in the previous procedure.

The following screen appears.
                         Change Password
---------------------------------------------------------------------
This option allows you to change the password for the CSC SSM that
you are currently using.
Step 2 Type y and press Enter.
Do you want to continue? [y|n] y
Step 3 Type the old password and press Enter.
The password will be hidden while you type.
Press Enter to return to last menu.
Enter old password:
Step 4 Type the new password and press Enter. Then retype the new password and press Enter to confirm it.
Enter new password (minimum of 5, maximum of 32 characters)
Enter new password:
Re-enter new password:
Please wait ...
The password has been changed.
Modifying the Password-reset Policy

You can modify the password-reset policy to "Allowed" or "Denied."

•"Allowed" means you can reset the CSC SSM password through the ASDM without verifying the old password. Under this setting, you can reset the password, even if the current password has been lost.

•"Denied" means you cannot reset the CSC SSM password through the ASDM without reimaging and reactivating the CSC SSM. However, you can still change the password to the CSC SSM if you know the current password.

Caution Setting the password-reset policy to "Allowed" compromises the security of the application.

To modify the password-reset policy, perform the following steps:

Step 1 From the Password Management menu, enter 2. For access details, see Using Password Management.

The following screen appears.
                  Modify Password-reset Policy
---------------------------------------------------------------------
Current CSC SSM password-reset policy: Allowed
"Allowed" allows the Adaptive Security Device Manager (ASDM)
to reset the CSC SSM password without verifying the old password.
"Denied" does not allow the ASDM to reset the CSC SSM password
without re-imaging and re-activating the CSC SSM.
Step 2 Type y and press Enter to change the password-reset policy, as shown in the following example:
Do you want to modify the CSC SSM password-reset policy now? [y|n] y
The following confirmation appears:
Updated CSC SSM password-reset policy: Denied
Restoring Factory Default Settings

To restore factory default configuration settings, enter 6.

The Restore Factory Default Settings prompt appears.
Restore Factory Default Settings
---------------------------------------------------------------------
Are you sure you want to restore the factory default settings? [y|n] n
Caution If you enter y, all your configuration settings are returned to the preinstallation default settings. For a description of the default settings, see the "Default Mail Scanning Settings" section and the "Default Web and FTP Scanning Settings" section. Additional configuration changes you have made since installation, such as registration or activation, licensing, enabling spyware or grayware detection, file blocking, file blocking exceptions, and other settings are lost.

Although this option is available from the CLI, a better alternative for restoring configuration settings is available from the CSC SSM console. Choose Administration > Configuration Backup to view the Configuration Backup window, which allows you to export your configuration settings to a configuration file that you can import at a later time.

Note Choose the Restore Factory Default Settings option only if you must reinstall the CSC SSM.

Troubleshooting Tools

This section describes the troubleshooting tools, and includes the following topics:

•Enabling Root Account

•Showing System Information

•Collecting Logs

•Enabling Packet Tracing

•Modifying Upload Settings

Enter 7 to display a menu of troubleshooting tools. These tools are available to help you or Cisco TAC obtain information to troubleshoot a problem.
Troubleshooting Tools
--------------------------------------------------------------------- 
1. Enable Root Account
2. Show System Information
3. Gather Logs
4. Gather Packet Trace
5. Modify Upload Settings
6. Return to Main Menu 
Enter a number from [1-6]: 
Enabling Root Account

To enable root account access, perform the following steps:

Step 1 Enter 1.

The following warning appears:
************************ WARNING ************************
UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED.
This account is intended to be used for support and 
troubleshooting purposes only. Unauthorized modifications 
are not supported and will require this device to be
re-imaged to guarantee proper operation.
*********************************************************
Do you want to accept the warning and enable the root account? [y|n] 
Step 2 Enter y to enable the root account.

This warning only appears the first time you enable the root account. Once the root account is enabled, you cannot disable it.

Caution This option is not intended for use by system administrators; it is provided for use by Cisco service personnel only. Do not select this option unless directed to do so by Cisco TAC.

Showing System Information

This section describes how to show system information, and includes the following topics:

•Showing System Information on Screen

•Uploading System Information

To view system information directly on the screen, enter 2. Alternatively, you can save the data to a file and transfer the information using FTP or TFTP. The Troubleshooting Tools - Show System Information menu appears.
Troubleshooting Tools - Show System Information
--------------------------------------------------------------------- 
1. Show System Information on Screen
2. Upload System Information
3. Return to Troubleshooting Tools Menu
Showing System Information on Screen

To show system information on screen, perform the following steps:

Step 1 Enter 1 from the Troubleshooting Tools - Show System Information menu. System information is available from various locations on the ASDM and CSC SSM interfaces; however, this CLI makes the information available in one place, as shown in the following example:
++++++++++++++++++++++ 
Mon Jan 9 18:38:01 PST 2006 (-8) 
System is : Up 
# Product Information 
Trend Micro InterScan for Cisco CSC SSM 
Version: 6.01.1519.0 
SSM Model: SSM-10 
# Scan Engine and Pattern Information 
Virus Scan Engine: 8.100.1002 (Updated: 2006-01-09 14:10:07) 
Virus Pattern: 3.149.00 (Updated: 2006-01-09 14:10:39) 
Grayware Pattern: 0.327.00 (Updated: 2006-01-09 14:13:11) 
PhishTrap Pattern: 223 (Updated: 2006-01-09 14:13:28) 
AntiSpam Engine: 14196 (Updated: 2006-01-09 14:11:04) 
AntiSpam Rule: 3.51.1033 (Updated: 2006-01-09 14:12:53) 
# License Information 
Product:Base License 
Version:Standard 
Activation Code:BX-9YWQ-3685S-X39PZ-H96NW-MAJR7-CWBXR 
Seats:000250 
Status:Expired within grace period 
Expiration date:12/31/2005 
Product:Plus License 
Version:Standard 
Activation Code:PX-P67G-WCJ6G-M6XJS-2U77W-NM37Y-EZVKJ 
Status:Expired within grace period 
Expiration date:12/31/2005 
Daily Node Count: 0 
Current Node Count: 0 
# Kernel Information 
Linux csc 2.4.26-cscssm #2 SMP Mon Dec 19 11:53:05 PST 2005 (1.0.6) i686 
unknn 
ASDP Driver 1.0(0) is UP:
Total Connection Records: 169600 
Connection Records in Use: 0 
Free Connection Records: 169600 
The information continues to scroll.

Step 2 Enter q to quit.

Uploading System Information

To upload system information, perform the following steps:

Step 1 From the Troubleshooting Tools - Show System Information menu, enter 2.

The following prompts appear:
Gathering System Information ...
Creating temporary file CSCSSM-SYSINFO-20060109-184511.txt
Uploading temporary file CSCSSM-SYSINFO-20060109-184511.txt
Uploading file ...
Deleting temporary file CSCSSM-SYSINFO-20060109-184511.txt
Press Enter to continue ... 
Step 2 Respond to these prompts to upload the system information. The system information is sent using the upload settings created by entering 5, Modify Upload Settings. For more information, see Modifying Upload Settings.

If you did not configure the upload settings, the following prompts precede those appearing in the previous step:
Choose a protocol [1=FTP 2=TFTP]: 1
Enter FTP server IP: 10.2.15.235
Enter FTP server port: (default:21)
Enter FTP user name: ftp
The password will be hidden while you type.
Enter FTP password:
Retype FTP server password:
Saving Upload Settings: OK
Step 3 When you are finished, enter 3 from the Show System Information menu.

Collecting Logs

To collect all logs, perform the following steps:

Step 1 To collect all logs on the CSC SSM, enter 3. Send them via FTP or TFTP, for example, to Cisco TAC. The logs are sent using the upload settings created by entering 5, Modify Upload Settings. For more information, see Modifying Upload Settings.
Troubleshooting Tools - Gather Logs
--------------------------------------------------------------------- 
Gather logs now? [y|n] y
Gathering logs ...
Creating temporary file CSCSSM-LOG-20060109-184525.tar.gz
Uploading temporary file CSCSSM-LOG-20060109-184525.tar.gz
Uploading file ...
Deleting temporary file CSCSSM-LOG-20060109-184525.tar.gz 
Step 2 Enter y to gather logs.

Note Logs are automatically named using the following convention: CSCSSM-LOG-<date-time>.tar.gz. A similar convention for packets (described in the next section) is used: CSCSSM-PACKET-<date-time>.gz.

Enabling Packet Tracing

To enable packet tracing between the CSC SSM and adaptive security appliance, perform the following steps:

Step 1 Enter 4. Cisco TAC usually needs this information.

The following prompts appear:
Troubleshooting Tools - Gather Packet Trace
--------------------------------------------------------------------- 
Gather packet trace now? [y|n] y
Press Control-C to stop.
Gathering packet trace ...
Creating temporary file CSCSSM-PACKET-20060109-184529.gz
Upload the packet trace now? [y|n] y
Uploading temporary file CSCSSM-PACKET-20060109-184529.gz
Uploading file ... 
Step 2 Enter y to gather packet traces.

Step 3 Press Control-C to stop.

Step 4 Enter y to upload packet traces.

The packets are uploaded using the protocol defined by entering 5, Modify Upload Settings. For more information, see Modifying Upload Settings.

Modifying Upload Settings

To modify upload settings, perform the following steps:

Step 1 To set the uploading method to either FTP or TFTP, enter 5.

Note Your FTP or TFTP server must be set up to enable uploading.

When you enter 5, the following prompts appear:
Troubleshooting Tools - Upload Settings
--------------------------------------------------------------------- 
Choose a protocol [1=FTP 2=TFTP]: (default:1) 2
Enter TFTP server IP: (default:10.2.42.134)
Enter TFTP server port: (default:69)
Saving Upload Settings: OK
Press Enter to continue ... 
Step 2 Respond to the prompts to configure the upload settings. The settings are saved for future use.

Step 3 When you are finished, enter 6, Return to Main menu.

Resetting the Management Port Access Control

To reset the management port access control, enter 8.

The following appears:
Resetting management port access control list: OK
Press Enter to continue ...
If the ASDM is unable to communicate with the CSC SSM, try resetting port access via this option.

Pinging an IP Address

To ping an IP address, perform the following steps:

Step 1 Enter 9. The ping option is available for diagnostic purposes.

The following appears:
Enter an IP address to ping:
Step 2 Enter an IP address.

The system responds as follows:
PING 192.168.7.1 (192.168.7.1): 56 data bytes
64 bytes from 192.168.7.1: icmp_seq=0 ttl=255 time=0.1 ms
64 bytes from 192.168.7.1: icmp_seq=1 ttl=255 time=0.1 ms
64 bytes from 192.168.7.1: icmp_seq=2 ttl=255 time=0.1 ms
64 bytes from 192.168.7.1: icmp_seq=3 ttl=255 time=0.2 ms
64 bytes from 192.168.7.1: icmp_seq=4 ttl=255 time=0.1 ms
--- 192.168.7.1 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.1/0.2 ms
Press Enter to continue ... 
Exiting the Setup Wizard

To exit the Setup Wizard, perform the following steps:

Step 1 To exit the Setup Wizard, enter 10.

The Exit Options menu appears.
Exit Options 
---------------------------------------------------------------------
1. Logout 
2. Reboot 
3. Return to Main Menu 
Enter a number from [1-3]: 1
Remote card closed command session. Press any key to continue.
Command session with slot 1 terminated.
hostname# 
Step 2 From the Exit Options menu, choose 1 to log out, 2 to reboot the system, or 3 to return to the Setup menu.

Resetting the Configuration via the CLI

This section describes some alternatives that are available for users who want to use the CLI instead of the CSC SSM console. Not all features have an available alternative.

After you have installed Trend Micro InterScan for Cisco CSC SSM, if you have used TFTP to reimage the SSM, the following prompt may appear for the first time when you access the CLI:
Do you want to restore the previous configuration? [y|n] n
Trend Micro InterScan for Cisco CSC SSM Setup Wizard
---------------------------------------------------------------------
To set up the SSM, the wizard prompts for the following information:
1. Network settings
2. Date/time settings verification
3. Incoming email domain name
4. Notification settings
5. Activation Codes
The Base License is required to activate the SSM.
Press Control-C to abort the wizard.
Press Enter to continue ...
Enter y to restore the SSM configuration settings to the state they were in the last time you saved the configuration. This is a CLI alternative to the functionality available on the Administration > Configuration Backup window on the CSC SSM console.