https://community.cisco.com/t5/network-security/asa-5512x/m-p/2483429#M45632 <P>Hi,</P><P>&nbsp;</P><P>I have been on and off this project for a month but hopfully will have the next week or two to focus on it.</P><P>I have a cisco ASA 5512X and i'm trying to get the IPS working.</P><P>Looking on google and cisco forums it says you need a management interface. We do not use the management interface we just have the lan port of the ASA plugged direct into our LAN switch.</P><P>few questions i need clearing up.</P><P>1. Do i need to use the management interface? If i do, do a need to route it to my internal lan as we only plug into a switch not a layer 3 device to do any routing?</P><P>2. Can i not just use my inside interface?</P><P>3. When the above is complete do i need to use the MPF to route all traffic to the IPS? if so can i use an ACL any any on the outside interface?</P><P>I want to check traffic coming from the internet to my LAN.</P><P>&nbsp;</P><P>I have looked at <A href="http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/ips/ips_qsg.html" target="_blank">http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/ips/ips_qsg.html</A> and still cannot get it working. The way i have tested is my enabling all the signatures based on icmp/ping sweep. when i test from the outisde i look at the IPS logs and get nothing?</P><P>&nbsp;</P><P>Any help on this would be great.</P> Sun, 10 Mar 2019 13:10:45 GMT James Hoggard 2019-03-10T13:10:45Z https://community.cisco.com/t5/network-security/asa-5512x/m-p/2483429#M45632 <P>Hi,</P><P>&nbsp;</P><P>I have been on and off this project for a month but hopfully will have the next week or two to focus on it.</P><P>I have a cisco ASA 5512X and i'm trying to get the IPS working.</P><P>Looking on google and cisco forums it says you need a management interface. We do not use the management interface we just have the lan port of the ASA plugged direct into our LAN switch.</P><P>few questions i need clearing up.</P><P>1. Do i need to use the management interface? If i do, do a need to route it to my internal lan as we only plug into a switch not a layer 3 device to do any routing?</P><P>2. Can i not just use my inside interface?</P><P>3. When the above is complete do i need to use the MPF to route all traffic to the IPS? if so can i use an ACL any any on the outside interface?</P><P>I want to check traffic coming from the internet to my LAN.</P><P>&nbsp;</P><P>I have looked at <A href="http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/ips/ips_qsg.html" target="_blank">http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/ips/ips_qsg.html</A> and still cannot get it working. The way i have tested is my enabling all the signatures based on icmp/ping sweep. when i test from the outisde i look at the IPS logs and get nothing?</P><P>&nbsp;</P><P>Any help on this would be great.</P> Sun, 10 Mar 2019 13:10:45 GMT https://community.cisco.com/t5/network-security/asa-5512x/m-p/2483429#M45632 James Hoggard 2019-03-10T13:10:45Z https://community.cisco.com/t5/network-security/asa-5512x/m-p/2483430#M45634 <P>Hi james,</P><P>ASA 5512-X run the IPS module as a software module, and the IPS management interface shares the Management 0/0 interface with the ASA.</P><P>1. You need&nbsp; to use mgt0/0 interface , You must remove the ASA-configured name for Management 0/0 and configure IPS address from one of the ASA inside network, just plug it in your switch.</P><P>3. Yes, you need MPF to route traffic to the IPS module. You need not to open any to any ACL on the outside interface as it will be a huge security hole.</P><P>Create an ACL with the desired traffic to be inspected by IPS.</P><P>In your case use ACL with source any destination to your LAN network and match it under class map.</P><P>HTH</P><P>"Please rate helpful posts"</P><P>&nbsp;</P> Wed, 09 Apr 2014 10:45:56 GMT https://community.cisco.com/t5/network-security/asa-5512x/m-p/2483430#M45634 Poonam Garg 2014-04-09T10:45:56Z