07-13-2009 12:55 AM - edited 03-10-2019 04:41 AM
Hi all,
We purchased an AIP-SSM-20 for our ASA5520. Is there a way to enable IPS functionality, but not block anything, i.e. just log events? This is just to see if any legitimate company traffic will be blocked.
Thanks!
Jacques
Solved! Go to Solution.
07-13-2009 10:33 AM
Configure the ASA to send traffic to the IPS in promiscuous mode using the following command in a policy-map:
hostname(config-pmap-c)# ips {inline | promiscuous} {fail-close |
fail-open} [sensor {sensor_name | mapped_name}]
http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5500/quick/guide/aipssm.html
Geroge
07-13-2009 10:33 AM
Configure the ASA to send traffic to the IPS in promiscuous mode using the following command in a policy-map:
hostname(config-pmap-c)# ips {inline | promiscuous} {fail-close |
fail-open} [sensor {sensor_name | mapped_name}]
http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5500/quick/guide/aipssm.html
Geroge
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide