Cisco Support Community
New Member

ASA5520 IPS, not seeing any traffic

I have the IPS set to promiscuous mode.

I have a policy map set, but I don't see it doing anything. I get no reports or logs, and I see no traffic on it.

How do you know what it's doing? Or get it to do something?

I don't even know what questions to ask as the documentation for this thing is horrible.

access-list IPS extended permit ip any any
access-group Outside_access_in in interface Outside
access-group Inside_access_in in interface Inside
route Outside 1
route Inside 1
class-map IPS-CLASS
 match access-list IPS
class-map inspection_default
 match default-inspection-traffic

policy-map type inspect dns preset_dns_map

  message-length maximum 1024
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect icmp

  ips promiscuous fail-open

Cisco Employee

Re: ASA5520 IPS, not seeing any traffic

sh run service-policy (will tell you if this policy is applied anywhere)

sh service-policy (will tell you if IPS is inspecting)
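
The two show commands above confirm that the policy map carrying the ips action is actually applied by a service-policy line. As an added example (not part of the thread and not Cisco tooling), the same check can be run offline over a saved running-config; the sample config is constructed, and the parser assumes the indented layout that "show running-config" prints.

```python
import re

# Constructed sample config (not the poster's): the IPS class is defined and
# referenced, but no service-policy line activates the policy map.
SAMPLE = """\
access-list IPS extended permit ip any any
class-map IPS-CLASS
 match access-list IPS
policy-map global_policy
 class inspection_default
  inspect ftp
 class IPS-CLASS
  ips promiscuous fail-open
"""

def audit_ips_redirect(config):
    """Return findings that explain why no traffic would reach the IPS module."""
    class_maps, ips_classes, applied = set(), {}, set()
    policy = cls = None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if raw == raw.lstrip():  # top-level command: leave any policy-map context
            policy = cls = None
            if m := re.match(r"class-map (\S+)$", line):
                class_maps.add(m.group(1))
            elif m := re.match(r"policy-map (\S+)$", line):  # skips 'type inspect' maps
                policy = m.group(1)
            elif m := re.match(r"service-policy (\S+) (global|interface \S+)$", line):
                applied.add(m.group(1))
        elif policy and (m := re.match(r"class (\S+)$", line)):
            cls = m.group(1)
        elif policy and cls and line.startswith("ips "):
            ips_classes[(policy, cls)] = line
    findings = []
    if not ips_classes:
        findings.append("no 'ips' action under any policy-map class")
    for (pol, c), action in ips_classes.items():
        if c not in class_maps and c != "class-default":
            findings.append(f"class {c} has no matching class-map")
        if pol not in applied:
            findings.append(f"policy-map {pol} ({action}) is not applied by a service-policy")
    return findings

if __name__ == "__main__":
    for finding in audit_ips_redirect(SAMPLE):
        print(finding)
```

A clean result only shows the ASA side is wired up; the module itself still has to be configured, and "sh service-policy" on the live device remains the check that packets are being handed to it.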

New Member

Re: ASA5520 IPS, not seeing any traffic

Have you configured the AIP-SSM yet? You currently show the ASA configuration. And it looks like you're going to send traffic to the AIP. Could you session into the AIP from the ASA and make sure that you have configured it as well?
