Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
322
Views
0
Helpful
1
Replies

ASA 5510 with AIP-SSM

rv_viji
Level 1
Level 1

‎07-24-2007 12:01 AM - edited ‎03-11-2019 03:48 AM

We are planning to deploy ASA 5510 with AIP-SSM in Transparent mode between VPN device and our internal firewall.

The Outside interface of ASA would be directly connected to Inside interface of VPN device.

The Inside interface of ASA would not be directly connected to Internal Firewall and would be connected through a L2 Switch.

Both the internal firewall interface and ASA inside interface would be in the same VLAN(for eg. VLAN 200) in that L2 switch.

Can anyone confirm if this design is feasible and that ASA would still act in inline mode and does traffic inspection using AIP module without any bottlenecks.

Regards

Labels:
0 Helpful
1 Reply 1

tahequivoice
Level 2
Level 2

‎07-24-2007 08:07 AM

I believe you want the traffic to pass through the ASA-IPS. If it isn't passing through it, it cant inspect it. What you described above doesn't document your traffic flow. The physical connections OTOH don't matter, what matters is how the traffic is flowing.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card