cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
565
Views
0
Helpful
1
Replies

How to design Remote access VPN with IPS Module on ASA 5505

Hi All,

I am proposing Remote access VPN solution to my client as per the attached diagram. However they are required IPS solution as well.

So in this case i dont think i can implement the IPS with outside interface in inline mode because of the encrypted traffic. Is it feasible if i enable IPS with inside interfce ?

Can any one help on this. Thanks a lot in advance.

Regards

S.Rajkumar

1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

Yes, what traffic you would like to send to be inspected by the IPS module on the ASA firewall is determined by access-list on the ASA firewall.

You can identify traffic between the remote vpn access pool towards the internal network and vice versa to be inspected by the IPS module.

Hope this helps.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: