01-06-2016 07:11 PM - edited 03-10-2019 06:32 AM
Hello,
I just have new ASA 5555-X with IPS activate planning to setup. However, how to setup so the IPS just running as a monitoring mode with so I can more easy to tune before active it.
Because even running promiscuous mode active take action to block the traffic which I wanna it should passing through.
Thanks!
Solved! Go to Solution.
03-09-2016 04:16 AM
If the IPS is the Firepower module, here is the guide for installing:
http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html
You will need to use "monitor-only" to use it as an IDS instead of IPS.
sfr fail-open monitor-only
03-09-2016 04:16 AM
If the IPS is the Firepower module, here is the guide for installing:
http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html
You will need to use "monitor-only" to use it as an IDS instead of IPS.
sfr fail-open monitor-only
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide