Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6220
Views
0
Helpful
3
Replies

ASA 5515-X vlan and IPS configuration

memonet1red
Level 1
Level 1

‎10-11-2012 02:45 PM - edited ‎03-11-2019 05:07 PM

Hi, i need to configure a new ASA 5515-X with a 3 trunk port for vlans that become from switch, but i need turn on IPS in in-line mode, somebody has an example and limitations for this configuration type?  thanks and regards

Labels:
0 Helpful
3 Replies 3

Julio Carvajal
VIP Alumni
VIP Alumni

‎10-27-2012 12:54 PM

Hello Guillermo,

Here is a documment regarding the IPS setup and how to manage it

http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_tech_note09186a0080bd5d03.shtml

Let us know if you have any other question,if not mark it as answered

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

memonet1red
Level 1
Level 1
In response to Julio Carvajal

‎10-31-2012 11:09 AM

Hi, I need to know "how-to" configure in asa 5515-x inspection in different vlans, its very important this information for a close a deal with a custom, the scenario is:

                            WAN  --   layer 3 switch -- asa 5515-x -- switch with servers

flow is...from layer 3 receive a different physical networks and connect to trunk port in the asa, after that asa routed and send traffic to interface trunk to switch layer 3 for distribuited traffic to the servers

i need to configure IPS prevention for only permit traffic valid with target server specific

please help

thanks and regards

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to memonet1red

‎10-31-2012 11:32 AM

Hello Guillermo,

Okay so from the ASA perspective you need to send the traffic to the IPS module using the MPF.

You match the traffic using an ACL!

http://www.cisco.com/en/US/docs/security/ips/7.1/configuration/guide/cli/cli_asa_ips.pdf

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card