Hi Everyone,

I am very new to working with these devices but am looking for some help in getting the AIP-SSM10 to scan FTP traffic that passes the FW. I have generated the traffic (FTP) and it has been successful, but it doesnt seem to go via the IDS as I get "no processed packets",

Can anyone tell me if I am missing anything? Would be great if someone could help and thanks in advance,

Dan

This is my config:

class-map inspection-AIP-SSM-Cmap
match access-list AIP-SSM
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
  message-length maximum 512
policy-map inspection-AIP-SSM-Pmap
class inspection-AIP-SSM-Cmap
  ips inline fail-close
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
service-policy inspection-AIP-SSM-Pmap interface Process1
service-policy inspection-AIP-SSM-Pmap interface Process2
service-policy inspection-AIP-SSM-Pmap interface Process3
service-policy inspection-AIP-SSM-Pmap interface Information
service-policy inspection-AIP-SSM-Pmap interface Supervisory
service-policy inspection-AIP-SSM-Pmap interface NMS
service-policy inspection-AIP-SSM-Pmap interface Remote-Access
service-policy inspection-AIP-SSM-Pmap interface Outside
prompt hostname context

access-list AIP-SSM; 2 elements; name hash: 0x32415518
access-list AIP-SSM line 1 remark ###ACL for Diverting Traffic to AIP-SSM###
access-list AIP-SSM line 2 extended permit tcp host 10.11.120.99 host 10.11.121.3 eq ftp (hitcnt=6) 0xc2d99a28
access-list AIP-SSM line 3 extended permit ip any any (hitcnt=40488) 0x2972bc2a