Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1018
Views
0
Helpful
1
Replies

ASA 5505 IDS Promiscuous setup

Brunhuber Adrian
Level 1
Level 1

‎05-07-2012 11:50 PM - edited ‎03-04-2019 04:17 PM

Hi , i need the comunity help in this matter.

I ordered a IPS module to a small ASA to replace a Snort IDS Server.
I want only to perform IDS and reporting (not inline)

The design (simplified) is

Drawing1.jpg

The problem is that i read this morning that ASA cannot handle this type of scenario, it can only analyse the traffic that is passing through it.

Is there a chance to make this work ?

Thanks.

Labels:
0 Helpful
1 Reply 1

Adrian Aron
Cisco Employee
Cisco Employee

‎05-09-2012 12:30 AM

Hello Adrian,

Please have a look in a guide how to configure SSM in promiscuous mode, it should work as you expect.

http://www.cisco.com/en/US/docs/security/ips/6.1/configuration/guide/cli/cli_ssm.html

thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card