Hi, I'm having trouble configuring Threat-detection and QoS polices at the same time.
The problem is that if I have QoS rules enabled, this is policing a traffic defined by ACLs, I can't enable at the same time the threat-detection feature "Shun hosts detected by scanning threat" because it shuns the hosts on which there is applying the policing.
I suppose this is because the policing is based in hits on ACL's so the ASA thinks this is an attack.
So, how can I resolve this? How can I have policing and shunnig enabled at the same time?