Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2022
Views
0
Helpful
2
Replies

Firepower Trust action

Go to solution
sajid231088
Level 1
Level 1

‎08-04-2021 10:35 PM

Hi Team,

Hope you all are doing good.

please help me in below.
let take a example that we have Cisco IPS connected outside interface with Internet router and Inside conneted with Server.

As a testing i will attack on the server from outside and i want IPS to detect these attack not to block so for that do i have to configure access control rule with action Trust or do i have to create some other rules ?

my requirement is very simple i want IPS to detect all those attacks originated from source X to destination Y, I dont want these attacks to be blocked by IPS


please suggest.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-05-2021 07:53 PM

Do not use a trust rule - that will bypass the IPS rules for the configured flow.

Instead use an allow rule for the source of the simulated attack with a custom IPS policy whose rules are all set to detect (and not block/drop).

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-05-2021 07:53 PM

Do not use a trust rule - that will bypass the IPS rules for the configured flow.

Instead use an allow rule for the source of the simulated attack with a custom IPS policy whose rules are all set to detect (and not block/drop).

0 Helpful

Go to solution
sajid231088
Level 1
Level 1
In response to Marvin Rhoads

‎08-06-2021 09:01 PM

Hi Marvin,

Thanks for your response.

 

 

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card