02-11-2008 02:19 AM - edited 03-10-2019 03:59 AM
Hi,
Two questions:
1º Is good to drop all high virus signatures?
2º IPS is activated to inside interface, this interface supports vpn conection.
There is activated drop icmp attacks, but sometimes, packets from VPN are dropped.
Is possible to add/create a white list with vpn /lan ip addresses to exclude them from the analisis/drop?
Best regards
02-11-2008 08:29 AM
To answer your second question, you can exclude actions from a particular host with an Event Action Filter. If you're running 6.0 and use the CLI, this is what you'd want to read:
02-11-2008 09:14 AM
I use 2821 cisco router
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide