AIP SSM20 no alerts visible

Unanswered Question
Mar 11th, 2009
User Badges:

Dear Techies/ Experts

I have 5540 with AIP SSM 20 and I have upgraded the sensor to 6.2.

As per cisco doc I have send all the ip and icmp traffic to AIPSSM 20 .


I kept one pc inside and one pc outside in firewall and one pc for manageement for the IPC

I can ping from insidde pc and outside pc vice versa.

I have configured AIP SSM 20

but I did not see any traffic coming to the AIP SSM.

I tried with ping and telnet

but no results now really frustrated.


here is my ASA config to send traffic to AIP SSM

________________


class-map ips

match access-list ips

policy-map ips

class ips

service-policy ips global

___

access-list ips extented permit ip any any

access-list ips extented permit icmp any any

_______________________________


HERE is the IPS config

___________________

sensor# configure terminal

sensor(config)# service analysis-engine

sensor(config-ana)#

Step 3 Add a virtual sensor.

sensor(config-ana)# virtual-sensor vs1

sensor(config-ana-vir)#

Step 4 Add a description for this virtual sensor:

sensor(config-ana-vir)# description virtual sensor 1

Step 5 Assign an AD policy and operational mode to this virtual sensor:

sensor(config-ana-vir)# anomaly-detection

sensor(config-ana-vir-ano)# anomaly-detection-name ad1

sensor(config-ana-vir-ano)# operational-mode learn

Step 6 Assign an event action rules policy to this virtual sensor:

sensor(config-ana-vir-ano)# exit

sensor(config-ana-vir)# event-action-rules rules1

Step 7 Assign a signature definition policy to this virtual sensor:

sensor(config-ana-vir)# signature-definition sig1

Step 8 Assign the interface to one virtual sensor:

sensor(config-ana-vir)# physical-interface GigabitEthernet0/1


one last thing I have upgraded the sensor to 6.2 ?

is it any problem on that ?


Experts please shower your valuable suggestions and solution and I badly need help plz




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion