cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
377
Views
0
Helpful
2
Replies

AIP-SSM outside inside dmz

alexispino
Level 1
Level 1

hi

I'm reviewing the situation next three traffic zones outside, inside, DMZ,

service-policy xxxx-policy interface outside

service-policy xxxx-policy interface inside

service-policy xxxx-policy interface dmz_stgo

and I need to lower the level of examination but only in one area, which is the area inside,

such outside high-DMZ

DMZ-outside high

inside low-DMZ

2 Replies 2

rhermes
Level 7
Level 7

Please give us some additional detail on whatyou mean by "lower the level of examination" on one of your interfaces. Did you want to apply a subset of the signatures? (then you'd go down the virtual sensor path) Or, did you want to filter the IP addresses/port reaching the sensor on that interface? (then you'd adjust the class-map ACL)

ok I have a situation where some companies want to change but the signatures are applied only to traffic from inside to DMZ

and the class-map

access-list xxxx permit ip any any

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: