Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
713
Views
0
Helpful
1
Replies

ASA doesn't send traffic to IPS module

kostyacroc
Level 1
Level 1

‎03-01-2012 06:21 AM - edited ‎03-10-2019 05:37 AM

Hello friends,

I've installed AIP-SSM module in ASA, configed it, but have no see alerts. What i have:

ASA 5520 8.2

AIP-SSM 7.0(2)E4

ASA# sh service-policy ips

Global policy:

  Service-policy: global_policy

    Class-map: IPS_TRAFFIC-CLASS

      IPS: card status Up, mode promiscuous fail-open, sensor vs0

        packet input 0, packet output 390686, drop 0, reset-drop 0

Why input is 0? Traffic was sending by ACL permit ip any any.

Please help, thx.

Labels:
0 Helpful
1 Reply 1

rhermes
Level 7
Level 7

‎03-01-2012 08:16 AM

You have your ASA configured for Promiscuous Mode and you have counts on the packet output of your policy. This is normal. In Promiscuous Mode, traffic doe not return from the sensor module to the ASA, so you shouldn't expect any input packet counts on the ASA side in Promiscuous Mode (unless you are performing TCP resets with the sensor).

Log into the AIP-SSM module and look for counts on the interface to see if the sensor is receiving traffic.

- Bob

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card