02-11-2008 02:19 AM - edited 03-10-2019 03:59 AM
Hi,
Two questions:
1º Is good to drop all high virus signatures?
2º IPS is activated to inside interface, this interface supports vpn conection.
There is activated drop icmp attacks, but sometimes, packets from VPN are dropped.
Is possible to add/create a white list with vpn /lan ip addresses to exclude them from the analisis/drop?
Best regards
02-11-2008 08:29 AM
To answer your second question, you can exclude actions from a particular host with an Event Action Filter. If you're running 6.0 and use the CLI, this is what you'd want to read:
02-11-2008 09:14 AM
I use 2821 cisco router
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: