IPS connected with ASA is not able to inspect the traffic and signature update gets failed.
All sensors should have a virtual sensor assigned to them so they can inspect traffic.
Run the following commands to assign the virtual sensor
From the ASA
"do sh service-policy" and determine how many packets are being exchanged between the IPS and the ASA
Is it possible for SSM-20 to stream to syslog? User can't find any mention in the documentation on how to configure this.The objective is simple: all SSM-20 generated events are sent to syslog using the good old UDP method.Then the syslog server will do some data mining;User is using Manage Engine's product which has produced great results with other Cisco devices. If the SSM-20 CAN NOT stream to syslog directly what ideas do experts have in order to get those events pushed to syslog? Could the ASA be used as a proxy?
No, you can't send events to the ASA.
SNMP Traps was the workaround. There is no syslog for signature events on Cisco IPS Sensors. Now if you want to wait till you get a Sourcefire image running on a 5500-X platform, THEN you can get syslogs.
Hello All, I am facing issue in Cisco ISE for Wired Users and would like to get your help. Below are the details 1. We are using ISE version 2.7. 2. Two different series of Cisco Switches 2960x and 9200 3. No issue faced by users who a...
Hi ,I would like to ask about the VRF . I don't much knowledge in VRF. our DC router have 2 VRF to sperate remote user and our branch user. We apply ipsec profile on WAN interface which connected to branches router.But our branch router don't run VR...