Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA with AIP

Dear *,

I have ASA with AIP module. I have initialized the AIP module and on ASA redirected the traffic coming from outside to the IPS module going to the internal network. IPS is in inline mode:

ASA(config)# access-list my-ips-acl permit ip any 10.10.0.0 255.255.0.0

ASA(config)# class-map my-ips-class

ASA(config-cmap)# match access-list my-ips-acl

ASA(config-cmap)# policy-map my-ips-policy

ASA(config-pmap)# class my-ips-class

ASA(config-pmap-c)# ips inline fail-open

ASA(config-pmap-c)# service-policy my-ips-policy interface outside

I am also getting hits on the ASA ACL:

 

access-list my-ips-acl line 1 extended permit ip any 10.10.0.0 255.255.0.0 (hitcnt=76498) 0xcf914892

What i would like to know is on AIP module how i can check if it is getting or processing the traffic? Also do i need to enable any signatures or there are some well known signatures already enabled by default?

Thanks,

Aamir

Everyone's tags (2)
534
Views
0
Helpful
0
Replies
CreatePlease to create content