Hi all. I have a AIP-ssm 10 and I created two class-map.. one for inside and one for the outside.. and applyed like the following.
I also tryed with the global policy but the result was the same... I don't get nothing in the alerts... when i receive something... is from the inside network..
But from outside.. i have nothing... and I tryed to make some scans.. but.. nothing happend...
Here is the configuration of the IDS....
Thanks in advance...
! ------------------------------
! Current configuration last modified Thu Jan 28 18:05:49 2010
! ------------------------------
! Version 7.0(2)
! Host:
! Realm Keys key1.0
! Signature Definition:
! Signature Update S458.0 2010-01-04
! Virus Update V1.4 2007-03-02
! ------------------------------
service interface
exit
! ------------------------------
service authentication
exit
! ------------------------------
service event-action-rules rules0
exit
! ------------------------------
service host
network-settings
host-ip 192.168.100.201/24,192.168.100.1
host-name IPS02
telnet-option disabled
access-list 10.10.110.0/24
access-list 172.27.1.0/24
access-list 172.27.20.0/24
dns-primary-server enabled
address 172.27.1.7
exit
dns-secondary-server enabled
address 172.27.1.3
exit
dns-tertiary-server enabled
address 172.27.1.8
exit
exit
time-zone-settings
offset -180
standard-time-zone-name GMT-03:00
exit
ntp-option enabled-ntp-unauthenticated
ntp-server 172.27.1.7
exit
exit
! ------------------------------
service logger
exit
! ------------------------------
service network-access
exit
! ------------------------------
service notification
exit
! ------------------------------
service signature-definition sig0
exit
! ------------------------------
service ssh-known-hosts
exit
! ------------------------------
service trusted-certificates
exit
! ------------------------------
service web-server
exit
! ------------------------------
service anomaly-detection ad0
exit
! ------------------------------
service external-product-interface
exit
! ------------------------------
service health-monitor
exit
! ------------------------------
service global-correlation
exit
! ------------------------------
service analysis-engine
virtual-sensor vs0
anomaly-detection
operational-mode detect
exit
physical-interface GigabitEthernet0/1
exit
exit