Configuring AIP SSM to monitor only

Answered Question
Jul 13th, 2009
User Badges:

Hi all,


We purchased an AIP-SSM-20 for our ASA5520. Is there a way to enable IPS functionality, but not block anything, i.e. just log events? This is just to see if any legitimate company traffic will be blocked.


Thanks!

Jacques

Correct Answer by gbekmezi about 7 years 8 months ago

Configure the ASA to send traffic to the IPS in promiscuous mode using the following command in a policy-map:


hostname(config-pmap-c)# ips {inline | promiscuous} {fail-close |

fail-open} [sensor {sensor_name | mapped_name}]


http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5500/quick/guide/aipssm.html


Geroge

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.

Actions

This Discussion