I have an ASA firewall with a built-in IPS ASA-SSM-10.
When I'm running these in "inline" mode, it appears sites we send outbound email to using TLS will not work. I don't get any error messages in debug mode that the IDS's are blocking this traffic. If I change the IPS to "promiscuous mode" the traffic passes. Has anyone else seen this problem and did you find a fix?
I have not experienced your problem. I noticed you are changing your config from inline to promiscuous. Until you determine the cause you could leave the IPS in promiscuous mode using this config example:
You have two options if you really want to use the inline feature. You can either go through and find every single signature that is configured with an inline action, in other words, pretty much anything that is not 'Produce Alert.' Make that list and look and see what of those you really want to be inline, then tune accordingly. I did this with the CSM, which was pretty easy to sort by action; I'm not sure how easy it would be without it.
The other option is to monitor what signatures are fired on the IPS in IDM, and then check their actions. If they're being fired for non-malicious email and the signature is tuned to reset connection, then either retire the signature or tune it down to produce alert.
I would go with the first option to be safe and to know exactly what is getting blocked in your network at all times.
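One way to build the list described in the first option, as an added example that is not part of the original replies. It assumes the signature inventory has been copied into a CSV with a hypothetical column layout (not a CSM or IDM export format); the sample rows and signature names are constructed.

```python
import csv
import io
from collections import defaultdict

# Constructed sample inventory. The column layout is an assumption for this
# example, not a CSM or IDM export format.
SAMPLE_EXPORT = """sig_id,subsig_id,name,enabled,retired,actions
1001,0,Constructed sample A,yes,no,produce-alert
1002,0,Constructed sample B,yes,no,produce-alert|deny-packet-inline
1003,1,Constructed sample C,yes,no,reset-tcp-connection
1004,0,Constructed sample D,yes,yes,deny-connection-inline
1005,0,Constructed sample E,no,no,deny-attacker-inline
1006,0,Constructed sample F,yes,no,produce-alert|produce-verbose-alert
"""

# Per the reply above: anything other than Produce Alert needs a review.
ALERT_ONLY = {"produce-alert"}


def signatures_to_review(export_text):
    """Return active signatures whose actions go beyond alerting, grouped by action."""
    by_action = defaultdict(list)
    for row in csv.DictReader(io.StringIO(export_text)):
        # Disabled or retired signatures never fire, so they cannot drop traffic.
        if row["enabled"].strip().lower() != "yes" or row["retired"].strip().lower() != "no":
            continue
        actions = {a.strip().lower() for a in row["actions"].split("|") if a.strip()}
        for action in sorted(actions - ALERT_ONLY):
            by_action[action].append((int(row["sig_id"]), int(row["subsig_id"]), row["name"]))
    return {action: sorted(sigs) for action, sigs in sorted(by_action.items())}


def tuning_worklist(export_text):
    """Flatten the grouping into 'sig/subsig action name' lines for review."""
    lines = []
    for action, sigs in signatures_to_review(export_text).items():
        for sig_id, subsig_id, name in sigs:
            lines.append(f"{sig_id}/{subsig_id} {action} {name}")
    return lines


if __name__ == "__main__":
    print("\n".join(tuning_worklist(SAMPLE_EXPORT)))
```

Grouping by action mirrors the sort-by-action view mentioned for CSM, so each action can be reviewed and tuned as a batch.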