We have a Cisco ASA (5500 series) with an IPS module.
I am trying to figure out how to unblock a computer that has been blocked by our IPS. I think the command is "no shun <ip address>" but that has no effect. I run that command in the ASDM GUI and it looks like it runs with no errors but the client computer is still blocked. How do I unblock an "attacker/victim pair" blockage? Maybe my assumption is wrong about how this actually is implemented. I assumed that the IPS was running a "shun" command in the firewall but now I am guessing that is wrong.
We are using the IPS Manager Express version 7.2.1.
Any help on how to unblock an IP pair would be much appreciated.
Thanks for your help with this issue. I should have been a little more specific. I am not trying to figure out how to prevent blockage in the future, I want to immediately unblock an IP that was blocked by a rule (we are testing a custom rule so we are intentionally triggering the rule).