11-11-2016 12:07 AM - edited 03-12-2019 01:31 AM
Hi,
I have implemented Firepower intrusion detection on my ASA 5525-X, and have a question: One of the rules blocks traffic between 2 hosts, but I do not want this traffic to be blocked between these hosts. I want the rule to be active, but how can I prevent the rule from blocking traffic between these 2 hosts, while still blocking traffic for other hosts that are hit by the rule?
Br,
Thor-Egil
11-11-2016 04:01 AM
Hello, this can be achieved by implementing an access control rule for those two hosts. Let's assume you need to disable the IPS policy for traffic between 192.168.1.5 and 172.16.1.5. Insert the new access rule above the rule with the IPS policy configured. Choose the "trust" action for the new rule. See the attachment.
Alternatively, if you don't want to disable IPS between the two hosts completely, you can create a new IPS policy in which the signature that currently blocks traffic between the two hosts is set to the disabled state. After that, create the new access rule as in the first example but with the action "Allow", and apply the new IPS policy with the disabled signature.
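The two options in the answer above, as an added example that is not part of the original posts or any Cisco code: a simplified Python model of top-down, first-match rule evaluation showing why the exemption rule must sit above the IPS rule and how the two options differ for other signatures. Rule names, policy names and the SID are constructed placeholders, and matching the host pair in both directions is an assumption of the model.

```python
# Simplified model of top-down, first-match access control evaluation.
# Rule names, policy names and the SID are constructed for illustration.
from ipaddress import ip_address, ip_network

PAIR = ("192.168.1.5/32", "172.16.1.5/32")   # hosts from the answer above
BLOCKING_SID = 1000001                       # placeholder for the signature that drops the traffic
ANY = "0.0.0.0/0"

INTRUSION_POLICIES = {
    "default-ips": {"disabled_sids": set()},
    "pair-ips": {"disabled_sids": {BLOCKING_SID}},  # copy with one signature disabled
}

def rule(name, a, b, action, ips=None):
    return {"name": name, "a": ip_network(a), "b": ip_network(b),
            "action": action, "ips": ips}

IPS_RULE = rule("inspect-all", ANY, ANY, "allow", "default-ips")
OPTION_1 = [rule("trust-pair", *PAIR, "trust"), IPS_RULE]              # Trust above IPS rule
OPTION_2 = [rule("allow-pair", *PAIR, "allow", "pair-ips"), IPS_RULE]  # Allow + tuned policy
WRONG_ORDER = [IPS_RULE, rule("trust-pair", *PAIR, "trust")]           # exemption is shadowed

def matches(r, src, dst):
    # Assumption: the rule lists both hosts so either side may initiate.
    s, d = ip_address(src), ip_address(dst)
    return (s in r["a"] and d in r["b"]) or (s in r["b"] and d in r["a"])

def evaluate(rules, src, dst, sid):
    """Return (rule name, verdict) for a flow that would trigger signature sid."""
    for r in rules:
        if not matches(r, src, dst):
            continue
        if r["action"] == "trust":
            return r["name"], "pass (no intrusion inspection)"
        disabled = INTRUSION_POLICIES[r["ips"]]["disabled_sids"]
        if sid in disabled:
            return r["name"], "pass (inspected, signature disabled)"
        return r["name"], "drop (signature fired)"
    return None, "default action"

if __name__ == "__main__":
    for label, rules in (("option 1", OPTION_1), ("option 2", OPTION_2),
                         ("wrong order", WRONG_ORDER)):
        print(label, evaluate(rules, "192.168.1.5", "172.16.1.5", BLOCKING_SID))
```

In this model the first option passes every signature for the host pair uninspected, while the second still drops traffic between the pair that triggers any other signature.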
11-11-2016 04:06 AM
Thanks, your first solution will work for me.
Br,
Thor-Egil
08-02-2018 05:53 AM
Thanks so much. This was the solution I needed to fix a Site-Site Hyper-V replication problem.