Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
632
Views
0
Helpful
1
Replies

AIP-SSM not gettint outside traffic

fabiossilva
Level 1
Level 1

‎01-28-2010 01:10 PM - edited ‎03-10-2019 04:52 AM

Hi all. I have a AIP-ssm 10 and I created two class-map.. one for inside and one for the outside.. and applyed like the following.

policy-map global_policy

class inspection_default

  inspect ftp

  inspect icmp

  inspect pptp

policy-map outside-policy

class outside-class

  ips inline fail-open

!

policy-map inside-policy

class inside-class

  ips inline fail-open

!
I also tryed with the global policy but the result was the same... I don't get nothing in the alerts... when i receive something... is from the inside network..
But from outside.. i have nothing... and I tryed to make some scans.. but.. nothing happend...
Here is the configuration of the IDS....
Could someone help me?
I Also tryed this solution... https://supportforums.cisco.com/message/1323736#1323736 but... has no effect....
Thanks in advance...
Fabio
! ------------------------------
! Current configuration last modified Thu Jan 28 18:05:49 2010
! ------------------------------
! Version 7.0(2)
! Host:
!     Realm Keys          key1.0
! Signature Definition:
!     Signature Update    S458.0   2010-01-04
!     Virus Update        V1.4     2007-03-02
! ------------------------------
service interface
exit
! ------------------------------
service authentication
exit
! ------------------------------
service event-action-rules rules0
exit
! ------------------------------
service host
network-settings
host-ip 192.168.100.201/24,192.168.100.1
host-name IPS02
telnet-option disabled
access-list 10.10.110.0/24
access-list 172.27.1.0/24
access-list 172.27.20.0/24
dns-primary-server enabled
address 172.27.1.7
exit
dns-secondary-server enabled
address 172.27.1.3
exit
dns-tertiary-server enabled
address 172.27.1.8
exit
exit
time-zone-settings
offset -180
standard-time-zone-name GMT-03:00
exit
ntp-option enabled-ntp-unauthenticated
ntp-server 172.27.1.7
exit
exit
! ------------------------------
service logger
exit
! ------------------------------
service network-access
exit
! ------------------------------
service notification
exit
! ------------------------------
service signature-definition sig0
exit
! ------------------------------
service ssh-known-hosts
exit
! ------------------------------
service trusted-certificates
exit
! ------------------------------
service web-server
exit
! ------------------------------
service anomaly-detection ad0
exit
! ------------------------------
service external-product-interface
exit
! ------------------------------
service health-monitor
exit
! ------------------------------
service global-correlation
exit
! ------------------------------
service analysis-engine
virtual-sensor vs0
anomaly-detection
operational-mode detect
exit
physical-interface GigabitEthernet0/1
exit
exit

Labels:
0 Helpful
1 Reply 1

Panos Kampanakis
Cisco Employee
Cisco Employee

‎01-31-2010 08:44 AM

Are you policy-map applied with a "service-policy"? Please make sure they do.

What traffic is the aip class-map matching? Is it matching all traffic? Please make sure it does.

PK

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card