Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1436
Views
0
Helpful
1
Replies

SourceFire 5.3.1 ASA not applying Access Control policy

Arnold Montemayor
Level 1
Level 1

‎03-10-2015 08:03 AM - edited ‎03-12-2019 05:38 AM

All,

I have a pair of ASA 5525 (9.3.1) running SourceFire (5.3.1).  I currently have the ASA passing the traffic to the SF via sfr fail-open monitor-only.  I'm doing this make sure the rules are being applied correctly.  Traffic passes, to the SF, and the global black list works, but none of the rules are being hit under Policies--Access Control--Rules.  As I said the Global black List is being hit and is is configured under the same Access Control policy.

Again, I understand that no traffic will actually be blocked, but it should show in the SF console that is was blocked.  The Global Black List certainly behaves this way.

 

Can someone point me in the right direction?

 

Best regards.

derek

Labels:
0 Helpful
1 Reply 1

dohurd
Cisco Employee
Cisco Employee

‎03-10-2015 02:05 PM

This isn't API related so I don't have the knowledge to hand.  You _should_ be able to get help from the TAC however.  +1.410.423.1901 or email support@sourcefire.com

 

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card