This stems from the desire not to fire off an alert for the Generic SQL HTTP Injection rule if the 'victim' is not an internal IP address, so if I'm barking up the wrong tree, feel free to redirect me.
I plan on using an Event filter such that the IPS does not alert for the above mentioned rule when the victim is a webserver outside my LAN. Reading posts over 2 years old here, the 'best' way was to do like 0.0.0.0-18.104.22.168,22.214.171.124-255.255.255.255 assuming I used all the 10.x space. I have many non-contigious ranges so this is shaping up to suck.
Is this still the case, or has cisco come up with a system variable that represents outside IPs. Can I create the inside range and make outside not equal to inside, etc? The documentation seems to be lacking in this area, any help would be appreciated. Thanks!
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...