Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AIP SSM20 no alerts visible

Dear Techies/ Experts

I have 5540 with AIP SSM 20 and I have upgraded the sensor to 6.2.

As per cisco doc I have send all the ip and icmp traffic to AIPSSM 20 .

I kept one pc inside and one pc outside in firewall and one pc for manageement for the IPC

I can ping from insidde pc and outside pc vice versa.

I have configured AIP SSM 20

but I did not see any traffic coming to the AIP SSM.

I tried with ping and telnet

but no results now really frustrated.

here is my ASA config to send traffic to AIP SSM

________________

class-map ips

match access-list ips

policy-map ips

class ips

service-policy ips global

___

access-list ips extented permit ip any any

access-list ips extented permit icmp any any

_______________________________

HERE is the IPS config

___________________

sensor# configure terminal

sensor(config)# service analysis-engine

sensor(config-ana)#

Step 3 Add a virtual sensor.

sensor(config-ana)# virtual-sensor vs1

sensor(config-ana-vir)#

Step 4 Add a description for this virtual sensor:

sensor(config-ana-vir)# description virtual sensor 1

Step 5 Assign an AD policy and operational mode to this virtual sensor:

sensor(config-ana-vir)# anomaly-detection

sensor(config-ana-vir-ano)# anomaly-detection-name ad1

sensor(config-ana-vir-ano)# operational-mode learn

Step 6 Assign an event action rules policy to this virtual sensor:

sensor(config-ana-vir-ano)# exit

sensor(config-ana-vir)# event-action-rules rules1

Step 7 Assign a signature definition policy to this virtual sensor:

sensor(config-ana-vir)# signature-definition sig1

Step 8 Assign the interface to one virtual sensor:

sensor(config-ana-vir)# physical-interface GigabitEthernet0/1

one last thing I have upgraded the sensor to 6.2 ?

is it any problem on that ?

Experts please shower your valuable suggestions and solution and I badly need help plz

146
Views
0
Helpful
0
Replies