hi everyones,

need so expert to help me. actually im running ASA 5510 (8.2) with AIP-SSM-10 (6.0) but there is no traffic yet pass to IPS. what should i do? can i used command like this????

hostname(config)# access-list IPS permit ip any any

hostname(config)# class-map my-ips-class

hostname(config-cmap)# match access-list IPS

hostname(config-cmap)# policy-map my-ips-policy

hostname(config-pmap)# class my-ips-class

hostname(config-pmap-c)# ips promiscuous fail-close

hostname(config-pmap-c)# service-policy my-ips-policy global

hostname(config)# access-list my-ips-acl permit ip any 10.1.1.0 255.255.255.0

hostname(config)# access-list my-ips-acl2 permit ip any 10.2.1.0 255.255.255.0

hostname(config)# class-map my-ips-class

hostname(config-cmap)# match access-list my-ips-acl

hostname(config)# class-map my-ips-class2

hostname(config-cmap)# match access-list my-ips-acl2

hostname(config-cmap)# policy-map my-ips-policy

hostname(config-pmap)# class my-ips-class

hostname(config-pmap-c)# ips inline fail-open sensor sensor1

hostname(config-pmap)# class my-ips-class2

hostname(config-pmap-c)# ips inline fail-open sensor sensor2

hostname(config-pmap-c)# service-policy my-ips-policy interface outside