Beginner

Bypass mode in Sourcefire Firepower cluster

Hi,

How do I enable software bypass on clustered Firepower 8350 devices?

Sometimes during troubleshooting we need to bypass IPS for test traffic. How can we achieve this without physical cabling changes or switch config changes?

I see that an Access Control rule with a Trust rule can also be used. I need more information on the software bypass option, though.

 

Thanks

6 REPLIES
Cisco Employee

You are on the right track. If you create a rule with action as "Trust", traffic won't be sent to the inspection engine for analysis and would be simply allowed.

Thanks,
Dinkar

Beginner

Hi Dinkar,

Thanks for the confirmation.

Can the below-mentioned software bypass command be used for clustered Firepower devices?

configure bypass open <interface>

 

 

Cisco Employee

Yes, you can use that.

Opens or closes the bypass mode of an inline pair. This command is not available on virtual devices and ASA FirePOWER devices.

 

configure bypass {open | close} {interface}

where interface is the name of either hardware port in the inline pair.

Example

> configure bypass open s1p1

Hi Dinkar,

1) I need to upgrade software on an 8350 sensor. Can I type "configure bypass open s1p1" on one of the interfaces of each inline pair (I have 5 inline sets) so I can upgrade the sensor and reboot without affecting live traffic?

2) I hope that if I enable "configure bypass open s1p1" on one of the interfaces of the inline set, the IPS policy will not block all traffic and will bypass traffic.

Thanks

Beginner

I have the same issue.

1) I need to upgrade software on 8120 and 7120 sensors. Do we need to type "configure bypass open s1p1" on one of the interfaces of each inline pair (I have 5 inline sets) so I can upgrade the sensor and reboot without affecting live traffic?

2) I hope that if I enable "configure bypass open s1p1" on one of the interfaces of the inline set, the IPS policy will not block all traffic and will bypass traffic.

Cisco Employee

Hi,

You cannot configure bypass mode for inline sets on clustered devices.
 

Regards,

Aastha

Rate if that helps!!!
