Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
435
Views
0
Helpful
2
Replies

IPS white list and virus signatures drop

edgar-quintana
Level 1
Level 1

‎02-11-2008 02:19 AM - edited ‎03-10-2019 03:59 AM

Hi,

Two questions:

1º Is good to drop all high virus signatures?

2º IPS is activated to inside interface, this interface supports vpn conection.

There is activated drop icmp attacks, but sometimes, packets from VPN are dropped.

Is possible to add/create a white list with vpn /lan ip addresses to exclude them from the analisis/drop?

Best regards

Labels:
0 Helpful
2 Replies 2

rhermes
Level 7
Level 7

‎02-11-2008 08:29 AM

To answer your second question, you can exclude actions from a particular host with an Event Action Filter. If you're running 6.0 and use the CLI, this is what you'd want to read:

http://cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00807517b6.html#wp1030749

0 Helpful

edgar-quintana
Level 1
Level 1
In response to rhermes

‎02-11-2008 09:14 AM

I use 2821 cisco router

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card