Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2845
Views
5
Helpful
1
Replies

ASA FirePOWER - Inline Tap Mode

Daniel Stefani
Level 1
Level 1

‎03-10-2016 02:12 PM - edited ‎03-12-2019 05:55 AM

Hello,

I would like to understand the configuration of Inline Tap Mode in ASA with FirePOWER.

To operate in this mode, I need to configure the ASA policy-map to monitor-only or can keep inline and create an Intrusion-Policy on FMC with Drop When Inline option disabled?

What would be the right option?

Regards,

Daniel Stefani

Labels:
0 Helpful
1 Reply 1

yogdhanu
Cisco Employee
Cisco Employee

‎03-23-2016 01:44 AM

Hi Daniel, Configuring ASA with monitor only would just send a copy of traffic to Firepower and not the actual traffic so that's passive mode. It can be configured inline and then use an intrusion policy with "drop when inline" option disabled. You would need to make sure that there is no access rule in access control policy which has action as block so that no other traffic is dropped. Let me know if it helps. Thanks, Yogesh
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card