Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
796
Views
0
Helpful
1
Replies

Firepower 7125 questions

tahscolony
Level 1
Level 1

‎03-30-2016 11:00 AM - edited ‎03-10-2019 06:35 AM

If I understand this correctly on this appliance, if I want to use 2 interfaces for inline IPS for the public side, I can do this, and use another interface as the span port for internal networks. Sort of like what doing contexts on the ASA's does. Is this correct?

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-30-2016 05:41 PM

You can use the interfaces thus.

It would make sense to have different polices since the passive interface (the one connected to a span port) cannot block traffic - only inform you about it.

Contexts on an ASA normally all perform the full stateful firewall functions but they are similar in that each can have a different policy and serve different purposes.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card