Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Using an ASA's AIP SSM module to inspect traffic going into and coming out

I am having trouble inspecting network traffic on an ASA that is being

<br />used as a VPN Concentrator. Based on some documentation I have

<br />recently come upon it eludes that this may not even be possible based

<br />on the fact the logical inspection point in the ASA is sandwiched

<br />between the firewall policy and VPN policy.

<br />

<br />I guess my question is whether the ASA with AIP SSM is even capable of

<br />doing what I would like to do and if it is could you point towards any

<br />specific documentation that covers this configuration.

<br />

<br />Thanks in advance for the responses.

1 REPLY

Re: Using an ASA's AIP SSM module to inspect traffic going into

Hi,

This is definetely possible ..  I have done it several times.  I suggest o check this link which will give you an idea of what you need to do.

http://www.cisco.com/en/US/docs/security/ips/5.0/configuration/guide/cli/clissm.html#wp1030972

I hope it helps  ..  please rate helpful posts

 

 

107
Views
0
Helpful
1
Replies