cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


3914
Views
10
Helpful
5
Replies
Beginner

How do you exclude an IP address from Threat Detection in ASA

Hello,

I run ping scans on certain subnets that may or may not be conneceted to ports on my ASA. I need to exclude my workstation IP address from being flagged as a threat. Anyone know how to do this?

Thanks

Gene

1 ACCEPTED SOLUTION

Accepted Solutions

Re: How do you exclude an IP address from Threat Detection in AS

Gene,

you may try:

e.i, your host IP conducting scans : 20.20.20.20

threat-detection scanning-threat shun except ip-address 20.20.20.20 255.255.255.255

Go over this link

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/t.html#wp1499634

5 REPLIES 5

Re: How do you exclude an IP address from Threat Detection in AS

Gene,

you may try:

e.i, your host IP conducting scans : 20.20.20.20

threat-detection scanning-threat shun except ip-address 20.20.20.20 255.255.255.255

Go over this link

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/t.html#wp1499634

Beginner

Re: How do you exclude an IP address from Threat Detection in AS

Hello,

will the exclusion work even if I don't have enabled the shun option yet?

Frequent Contributor

Re: How do you exclude an IP address from Threat Detection in AS

Is this Firepower related?
Can I quickly "except a host from Firepower scan" with this command?
Beginner

Re: How do you exclude an IP address from Threat Detection in AS

It's ASA Threat detection feature
Highlighted
am. Beginner
Beginner

Re: How do you exclude an IP address from Threat Detection in AS

How to disable/deleted it?