
Sourcefire on ASA security Zone

relsethagen
Level 4

I am looking for some information on the ability to write Zone Based Access Control rules using the Sourcefire on ASA module. I can create ASA security Zones, which it looks like basically just associate the interfaces on the ASA with a security Zone, but I haven't been able to use these rules to block traffic. I have set up in the Global policy to redirect all traffic to the SF module, but I am a little unclear how and/or if the SF module is aware of the traffic flow through interfaces on the ASA. If this awareness is not there, then it seems to me that the security zone configuration is not at all useful when building Access policies for ASA SF modules. I would love some insight or documentation on how this process works, but I cannot find it.

 

1 Reply

Arnold Montemayor
Frequent Visitor

Greetings,

I'm running 5.3.1.2.  

I had all my rules in place, based on security zones (all zones pointing to appropriate interfaces on the ASAs), and none of the rules were being "hit". I changed my rules from zones to networks, and voilà, everything is working just fine.

If anyone knows how to use a "Source Zone" in an "Access Control" policy, please let me know.

 
