1) You have not configured an access-list on your AIM-IPS. With the default configuration the AIM-IPS will not allow any remote connections.
You will need to session to the AIM-IPS and run the "setup" command. One of the options in "setup" is to modify the access-list. You will need to add in the IP address (or entire network) for the box where you want to run IDM.
2) Your route statement in the router config is using the wrong address.
"ip route 22.214.171.124 255.255.255.255 IDS-Sensor0/1"
"ip route 126.96.36.199 255.255.255.255 IDS-Sensor0/1"
Notice the difference in 188.8.131.52 and 184.108.40.206 between the 2 commands.
Once you've made these changes, then try your ping test again. If the ping works, then next try an ssh connection to the sensor.
If both of these are working, then try browsing to the sensor "https://220.127.116.11" and you should be able to start up IDM for managing the sensor.
NOTE: Once you get IDM running, then you might consider downloading and installing IME. IME has the same configuration capability of IDM, but also has monitoring capability that IDM does not have.
From a monitoring perspective there are some additional things you need to know.
1) When you run "setup" you will be given the option for modifying the virtual sensors. You want to choose "yes", and you will want to add the GigabitEthernet0/1 interfaces to virtual sensor vs0 for monitoring.
Without this setting the packets might get to the AIM-IPS but the AIM-IPS will not do any analysis on them.
2) To best test the AIM-IPS's monitoring capability you really need packets to flow through the router.
So I would recommend enabling the FastEthernet0/1 interface of your router and giving it an address on a new network (18.104.22.168 maybe for the network and 22.214.171.124 as the router's address).
Then connect a new machine to this router's interface and give it an IP on that new network (126.96.36.199 maybe).
You will need to be sure that routes for this new network are properly configured for the machines in your 188.8.131.52 network.
Now send traffic between a machine on the 184.108.40.206 network and the new machines on the 220.127.116.11 network. That traffic will be routed through the router, and if matched by the access-list 101 it should be sent to the AIM-IPS for inline monitoring.
You can run "packet display GigabitEthernet0/1" on the AIM-IPS to see what traffic is being sent to the AIM-IPS by the router for monitoring.
Now that you have traffic going through the router and being monitored by the AIM-IPS you can proceed with trying to generate attack traffic that the AIM-IPS should alert on and possibly deny.