Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1363
Views
0
Helpful
4
Replies

AA 5506 as a IDS

Travis Marzo
Level 1
Level 1

‎10-23-2015 07:26 AM - edited ‎03-12-2019 05:47 AM

I have a spare 5506w that I am looking to use as an IDS sensor in my environment. We already own a SourceFire license for this box. What I'm looking to do is configure a SPAN port on my 5ks, have the 5506 monitor traffic and report back to my defense center. SPAN port is already configured and sending traffic. ASA is not capturing the traffic. Is there a way to configure the ports on the ASA to be promiscuous? 

Labels:
0 Helpful
4 Replies 4

Aastha Bhardwaj
Cisco Employee
Cisco Employee

‎10-23-2015 11:51 AM

Hi,

 

I think the command "traffic-forward sfr monitor-only" will help.

Refer the link : http://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/T-Z/cmdref4/t2.html#pgfId-1614309

 

Regards,

Aastha

Rate if that helps!!!

 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-24-2015 06:21 AM

In additions to the command Aastha mentioned, the ASA has to be in transparent mode for that command to be available. The default mode is routed.

Remember - switching modes will erase the current configuration on the ASA! So make sure you have a backup if the current configuration is important to you.

0 Helpful

Travis Marzo
Level 1
Level 1
In response to Marvin Rhoads

‎10-27-2015 10:51 AM

I've never worked with a transparent firewall before. How am I to manage it remotely? I was able to assign an IP address to the management port but unable to ping. I am sitting on the same subnet. I haven't been able to find any articles to point me in the right direction....

 

Thank you for all the help so far.   

0 Helpful

Aastha Bhardwaj
Cisco Employee
Cisco Employee
In response to Travis Marzo

‎10-27-2015 11:07 AM

Hi,

 

You can go through doc : http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/97853-Transparent-firewall.html

 

Regards,

Aastha Bhardwaj

Rate if it helps!!!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top