- last edited on
I am proposing Remote access VPN solution to my client as per the attached diagram. However they are required IPS solution as well.
So in this case i dont think i can implement the IPS with outside interface in inline mode because of the encrypted traffic. Is it feasible if i enable IPS with inside interfce ?
Can any one help on this. Thanks a lot in advance.
Yes, what traffic you would like to send to be inspected by the IPS module on the ASA firewall is determined by access-list on the ASA firewall.
You can identify traffic between the remote vpn access pool towards the internal network and vice versa to be inspected by the IPS module.
Hope this helps.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: