IDS Intrusion Prevension Allow IP/Subnet question

Unanswered Question
Aug 27th, 2008

I'm running an ASA-SSM10 on our ASA5520.

At the moment we are droping packets from few signatures only.

Is there a way to tell the sensor to bypass specific ip's or subnets so they don't get dropped?

When we first installed it and ran it, trusted ip from L2L tunnels were getting dropped, and the only way to fix this was to disabled or reconfigured the signature to not to drop the packets.

Thanks,

Zeek

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
smalkeric Tue, 09/02/2008 - 13:34

Sensing interfaces are used by the sensor to analyze traffic for security violations. A sensor has one or more sensing interfaces depending on the sensor.Sensing interfaces can operate individually in promiscuous mode or you can pair them to create inline interfaces for inline sensing mode


The following URL may help to more information:

http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliInter.html#wp1051279

Actions

This Discussion