Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5585-x IPS SSP

Hi,

I have the following network architecture.

i have 10 vlans on my nexus 7K. for VLAN 1 to 5 default gateway is N7K and for vlan 6-10 default gateway is Firewall.

Firewall has IPS ssp module. I want to do the following

1) For traffic routed to firewall

  • For selected traffic, perform IDS (promiscous) mode
  • For selected traffic perform IPS (inline ) mode

2) For traffic routed to N7K

  • Perform SPAN for vlan 6-10 and send a copy of traffic to IPS SSP module.

I understand that IPS SSP cannot take traffic directly from external device since it has only one Sensing port Portchannel 0/0.

with regards

Prasad K

Everyone's tags (3)
552
Views
0
Helpful
0
Replies
CreatePlease login to create content