Just brought a SSM online

HMidkiff · ‎09-23-2010

I just brought an SSM online. I think it is working but when I go in the module and do a show statistics I really don't see anything? Am I looking in the wrong place? Can you see a better representation of what is going on from the ASDM?

Harrison

praprama · ‎09-23-2010

Hi,

On the ASA, please do a "show service-policy" to see if packets are being re-directed to the SSM module. On the sensor, you can look at the output of "show statictics virtual-sensor" to see how if packets are being processes by the module.

Hope this helps!!

Thanks and Regards,

Prapanch

Panos Kampanakis · ‎09-29-2010

You can also run a packet tracer for an imaginary packet and see if it is going to hit your SSM module.

To divert traffic from the ASA ro the module you will need something like

access-list ssm-acl extended permit 

class-map csc-class
 match access-list ssm-acl

policy-map global_policy
 class ssm-class
  csc fail-open

I hope it helps.

PK