cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
772
Views
5
Helpful
6
Replies

ASA firepower module Configuration help

kajumblies15
Level 1
Level 1

Hello, 

I am working on an ASA 5555x with a firepower module. I am struggling to determine if my configurtation is working in regards to traffic making it to the module and back out to the ASA. What i am attempting to achieve here is all traffic coming in should do their normal ACL check then go to the firepower module and be ether allowed or denied based upon an access control rule in the ASA Firepower configuration section of ASDM. I would like to see traffic stop making it across if i set the access control rule on the module to block right now its not working. I have created the service policy to redirect to the module but i cannot tell if its working since the block access control policy is not working. 

Thank You

1 Accepted Solution

Accepted Solutions

Use the command "clear service-policy global" to clear the statistics for the policy map counters.  This will make it easier to see the counter increase or not.  If it is not increasing it possibly means that there is an issue with traffic matching in the class-map.

But as I requested earlier, it will be a little easier to understand what is happening if we see the configuration of the devices in question.  Please remember to remove any  sensitive information from the configuration such as usernames, passwords and public IPs before posting it to the forum.

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

6 Replies 6