Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
167
Views
0
Helpful
1
Replies

IDS Intrusion Prevension Allow IP/Subnet question

Shannon Sutter
Level 1
Level 1

‎08-27-2008 09:05 AM - edited ‎03-03-2019 11:17 PM

I'm running an ASA-SSM10 on our ASA5520.

At the moment we are droping packets from few signatures only.

Is there a way to tell the sensor to bypass specific ip's or subnets so they don't get dropped?

When we first installed it and ran it, trusted ip from L2L tunnels were getting dropped, and the only way to fix this was to disabled or reconfigured the signature to not to drop the packets.

Thanks,

Zeek

Labels:
0 Helpful
1 Reply 1

smalkeric
Level 6
Level 6

‎09-02-2008 01:34 PM

Sensing interfaces are used by the sensor to analyze traffic for security violations. A sensor has one or more sensing interfaces depending on the sensor.Sensing interfaces can operate individually in promiscuous mode or you can pair them to create inline interfaces for inline sensing mode

The following URL may help to more information:

http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliInter.html#wp1051279

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card