New Member

Inspecting traffic one way

Hi, is there a way on IPS v6.1 to only inspect traffic in one direction? Implementation is pair interfaces. Thanks!

3 REPLIES
New Member

Re: Inspecting traffic one way

You can configure AIP-SSM to inspect traffic in inline or promiscuous mode and in fail-open or fail-over mode. On the adaptive security appliance, to identify traffic to be diverted to and inspected by AIP-SSM:

1. Create or use an existing ACL.

2. Use the class-map command to define the IPS traffic class.

3. Use the policy-map command to create an IPS policy map by associating the traffic class with one or more actions.

4. Use the service-policy command to create an IPS security policy by associating the policy map with one or more interfaces.

The AIP SSM runs advanced IPS software that provides proactive, full-featured intrusion prevention services to stop malicious traffic, including worms and network viruses, before they can affect your network. This section includes the following topics:

http://www.cisco.com/en/US/docs/security/ips/6.1/configuration/guide/cli/cli_ssm.html#wp1046877

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/ssm.html
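
The four ASA steps listed in the reply above, as an added configuration example that is not part of the original post. The names IPS_TRAFFIC, IPS_CLASS and IPS_POLICY, the 192.0.2.0/24 network and the interface name outside are constructed placeholders.

```cisco
! Added example; all names and addresses are constructed placeholders.
! 1. ACL selecting the flows to divert to the AIP-SSM
!    (here: TCP from anywhere to the 192.0.2.0/24 server network)
access-list IPS_TRAFFIC extended permit tcp any 192.0.2.0 255.255.255.0
!
! 2. Traffic class that matches the ACL
class-map IPS_CLASS
 match access-list IPS_TRAFFIC
!
! 3. Policy map tying the class to the IPS action.
!    inline      = the module sits in the packet path and can drop traffic
!    promiscuous = the module receives a copy and can only alert
!    fail-open   = traffic keeps flowing uninspected if the module is down
!    fail-close  = matching traffic is blocked if the module is down
policy-map IPS_POLICY
 class IPS_CLASS
  ips inline fail-open
!
! 4. Apply the policy map to an interface (use "global" for all interfaces)
service-policy IPS_POLICY interface outside
```

Traffic that does not match the ACL is never sent to the module, so the ACL is the place to narrow what the sensor sees.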

Gold

Re: Inspecting traffic one way

There is a setting for "loose" TCP processing that is supposed to allow the sensor to watch only half of a TCP conversation, but we found it didn't work very well and CPU unexpectedly increased significantly as a result.

New Member

Re: Inspecting traffic one way

Thanks for all the replies! Good info. : )
