I'm a little on the new end of all of this so bear with me. I hope I'm in the right forum.
I have an ASA 5510 with an AIP-SSM-10 card that I am configuring for a customer. Everything is up and running except for the diversion of traffic to the AIP. I know that I need an access list to do that but I want to EXCLUDE VPN traffic when I divert. In other word I want the AIP to inspect everything except ipsec. I'm having trouble understanding how to use an access list for everything except VPN traffic. Any help would be greatly appreciated.
Thanks for your timely response. I was probably overlooking the obvious but also I was afraid that that would block the traffic altogether. I am testing it now but I think this should be exactly what I needed. Again, I thank you for your help.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...