IPSEC VPN & IPS Module

Unanswered Question
Dec 30th, 2008

I have the firewall and it is working perfectly. I have not configured the IPS Module yet. I have IPSEC VPN also configured for the remote offices and it is working perfectly.

I want to enable the IPS Module in the firewall. I want to know how to pass the IPSEC traffic into the IPS Module.

1. Whether it is possible to scan the IPSEC VPN traffic in IPS Module before allowing it to Inside zone (Trusted Zone)

regards,

R.B.KUMAR

rmeans Wed, 12/31/2008 - 08:36

I am assuming you are referring to the ASA and the IPS module installed. The default ASA configuration includes a default policy map applied globally with the service policy command. Your configuration might look something like:

class-map ips_class_map
 match any
policy-map global_policy
 class ips_class_map
  ips inline fail-open
service-policy global_policy global
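
Added example, not part of the original post and not Cisco code: a small Python audit that reads a saved ASA configuration and reports which traffic classes are sent to the IPS module, in which mode, and what happens to traffic if the module is unavailable. It assumes the indented layout of a saved running configuration; the function name audit_ips_policy and the sample text are constructed for illustration.

```python
import re

# Constructed sample: the configuration from the reply above, laid out as it
# would appear in a saved ASA configuration (sub-commands indented).
SAMPLE_CONFIG = """\
class-map ips_class_map
 match any
policy-map global_policy
 class ips_class_map
  ips inline fail-open
service-policy global_policy global
"""

IPS_RE = re.compile(r"^ips\s+(inline|promiscuous)\s+(fail-open|fail-close)\b")
SVC_RE = re.compile(r"^service-policy\s+(\S+)\s+(global|interface\s+\S+)")


def audit_ips_policy(config):
    """Return one finding per (policy-map, class) that redirects to the IPS module."""
    matches = {}     # class-map name -> its match statements
    ips_rules = []   # (policy-map, class, mode, fail behaviour)
    applied = {}     # policy-map name -> "global" or "interface <name>"
    cmap = pmap = cls = None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():          # a top-level command ends the previous block
            cmap = pmap = cls = None
        if line.startswith("class-map "):
            cmap = line.split()[-1]
            matches[cmap] = []
        elif line.startswith("policy-map "):
            pmap = line.split()[-1]
        elif cmap and line.startswith("match "):
            matches[cmap].append(line[len("match "):])
        elif pmap and line.startswith("class "):
            cls = line.split()[-1]
        elif pmap and cls and IPS_RE.match(line):
            ips_rules.append((pmap, cls) + IPS_RE.match(line).groups())
        elif SVC_RE.match(line):
            name, where = SVC_RE.match(line).groups()
            applied[name] = where
    return [{"policy": p, "class": c, "matches": matches.get(c, []), "mode": m,
             # fail-open: traffic passes uninspected while the module is down
             "on_module_failure": "pass uninspected" if f == "fail-open" else "drop",
             "applied": applied.get(p, "not applied")} for p, c, m, f in ips_rules]
```

For the sample, the single finding shows that all traffic on all interfaces is sent inline to the module and is passed uninspected if the module is unavailable.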

hclisschennai Wed, 12/31/2008 - 20:43

Thank you for your response.

But my query is whether IPSEC VPN traffic will be inspected using IPS Module.

If so, When it will be inspected for IPS Signature.

regards,

R.B.KUMAR

rmeans Wed, 12/31/2008 - 21:59

Yes, the IPSec VPN traffic will be inspected by the IPS module. VPN traffic will be decrypted before being passed to the IPS module.

I am not sure I understand your question,

When it will be inspected for IPS Signature
