Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,I have tried the following configuration in my lab for a RSA-SIN site-to-site VPN with one of the routers acting as the hub/ca. Although it is working, i would like you to comment the configuration on how to make it better from security perspec...
Hi guys,I have an asa 5510 with aip-ssm installed. I have a DMZ with security level 90 where a web server is located.When AIP-SSM is in inline mode i get the following message 4 Oct 05 2010 14:37:15 WEB 80 x.x.x.x 30115 IPS r...
Hi,I have a layer 3 switch with several vlans.On vlan 5 (1.1.1.0/24) there is a router that has ipsec l2l with a remote site.The problem is that, my users, have as default gateway the interface vlan 5 ip address (1.1.1.1./24) so the cannot access the...
Hello,I have configured dual ISP on my ASA Firewall for redundancy. Everything is working fine. When my first link becomes unavailable the asa switches to the backup link, but when my primary link is online again the asa never switches to my primary ...
Hello,I have a case that i am trying to solve and i could use some help.Let me first describe the situation and then we will move on to possible design solutions.I i have a customer with the below simple topology :Internet-Router | ASA ...
No i don't have any blocked hosts or networks, the sensor is working fine now without denying any traffic... , although this is good news i do not understand why the other signatures are not show on the IPS Manager...Thanks for your help Prapanch.
Yes, the produce alert action is configured on all signatures. See the attached for the event filter configuration.As for now, the sensor is in inline mode without dropping any traffic. From the show virtual sensor statistics command i see that the c...
The counters of those signatures are keep increasing.Sig 3051.0 = 297388Sig 3051.1 = 637689Sig 6009.0 = 637689I am not seeing any of these signatures on the IPS Manager Real Time Event Viewer.
I have the sensor now inline, i am seeing the top signatures (3051.0-1,6009.0) counters to increase among others, i am not seeing yet any packet to get dropped -that's strange-. The only signature that i see on the IME real time event viewer is 7072 ...
I understand that the bold part is the one that we are interested in.I can see now that many signatures where firing up blocking hosts but why they didn's show up on the IPS Manager ?Here is the output :Virtual Sensor Statistics Statistics for Virt...
