Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA doesn't send traffic to IPS module

Hello friends,

I've installed AIP-SSM module in ASA, configed it, but have no see alerts. What i have:

ASA 5520 8.2

AIP-SSM 7.0(2)E4

ASA# sh service-policy ips

Global policy:

  Service-policy: global_policy

    Class-map: IPS_TRAFFIC-CLASS

      IPS: card status Up, mode promiscuous fail-open, sensor vs0

        packet input 0, packet output 390686, drop 0, reset-drop 0

Why input is 0? Traffic was sending by ACL permit ip any any.

Please help, thx.

1 REPLY
Gold

ASA doesn't send traffic to IPS module

You have your ASA configured for Promiscuous Mode and you have counts on the packet output of your policy. This is normal. In Promiscuous Mode, traffic doe not return from the sensor module to the ASA, so you shouldn't expect any input packet counts on the ASA side in Promiscuous Mode (unless you are performing TCP resets with the sensor).

Log into the AIP-SSM module and look for counts on the interface to see if the sensor is receiving traffic.

- Bob

434
Views
0
Helpful
1
Replies