02-12-2008 10:36 AM - edited 03-10-2019 03:59 AM
I have the IPS set to promiscuous mode.
I have a policy map set, but I don't see it doing anything. I get no reports or logs, and I see no traffic on it.
How do you know what it's doing, or get it to do something?
I don't even know what questions to ask as the documentation for this thing is horrible.
access-list IPS extended permit ip any any
access-group Outside_access_in in interface Outside
access-group Inside_access_in in interface Inside
route Outside 0.0.0.0 0.0.0.0 xx.xx.xxx.1 1
route Inside 10.0.0.0 255.0.0.0 10.1.7.50 1
class-map IPS-CLASS
 match access-list IPS
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 1024
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect icmp
 class IPS-CLASS
  ips promiscuous fail-open
02-12-2008 01:05 PM
sh run service-policy (will tell you if this policy is applied anywhere)
sh service-policy (will tell you if IPS is inspecting)
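The first check in the reply above can also be run offline against a saved running-config. The following is an added example, not code from the thread: it lists every policy-map that carries an `ips` action and reports where a `service-policy` line applies it. The function name is hypothetical, the first sample is trimmed from the excerpt posted in the question, and the `service-policy global_policy global` line in the second sample is constructed for comparison.

```python
# Added example: find policy-maps with an `ips` action and where they are applied.
def ips_policy_bindings(config):
    """Return {policy_map: {"classes": [(class, ips_action)], "applied": [targets]}}.

    An empty "applied" list means no `service-policy` line attaches that
    policy-map, so no traffic is diverted to the IPS module through it.
    """
    found, applied = {}, {}
    pmap = cls = None
    for raw in config.splitlines():
        words = raw.split()
        if not words or words[0].startswith("!"):
            continue
        if words[0] == "policy-map":
            pmap, cls = words[-1], None      # name is last, also for "type inspect"
        elif words[0] == "class-map":
            pmap = cls = None
        elif words[0] == "service-policy" and len(words) >= 3:
            pmap = cls = None
            applied.setdefault(words[1], []).append(" ".join(words[2:]))
        elif words[0] == "class" and pmap and len(words) > 1:
            cls = words[1]
        elif words[0] == "ips" and pmap and cls:
            found.setdefault(pmap, []).append((cls, " ".join(words[1:])))
    return {name: {"classes": classes, "applied": applied.get(name, [])}
            for name, classes in found.items()}

# Trimmed from the excerpt posted in the thread (indentation is ignored).
POSTED = """\
class-map IPS-CLASS
 match access-list IPS
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 1024
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
 class IPS-CLASS
  ips promiscuous fail-open
"""
# Constructed for comparison: the same policy attached globally.
BOUND = POSTED + "service-policy global_policy global\n"

if __name__ == "__main__":
    for label, cfg in (("posted excerpt", POSTED), ("with service-policy", BOUND)):
        for name, info in ips_policy_bindings(cfg).items():
            state = ", ".join(info["applied"]) or "NOT APPLIED"
            print(f"{label}: {name} {info['classes']} -> {state}")
```

A policy-map reported as not applied matches an empty result from `sh run service-policy` on the device.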
02-12-2008 02:42 PM
Have you configured the AIP-SSM yet? You currently show the ASA configuration. And it looks like you're going to send traffic to the AIP. Could you session into the AIP from the ASA and make sure that you have configured it as well?