Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

how to use Cisco ASA5510 as an IPS

We have a Cisco ASA5510 w

ith ASA-SSM-10 module but we´d like to know how to configure it as

an IPS. We have it in the same network but in a simulate enviroment 2 different network segments.

Everyone's tags (2)
1 REPLY
Cisco Employee

Re: how to use Cisco ASA5510 as an IPS

You need the ASA to pass traffic through the IPS as explained in http://supportforums.cisco.com/docs/DOC-5668

Note that since this is a different module you will need something like

access-list ips-acl extended permi ip any any 

class-map ips-class
match access-list ips-acl

policy-map global_policy
class ips-class
  ips fail-open

service-policy global_policy global

Then you can start configuring the ips following its config guide to fire on signatures etc.

I hope it helps.

PK

4594
Views
0
Helpful
1
Replies
CreatePlease to create content