I think it is possible to send AIP SSM traffic to ASA in inline mode. This mode places the AIP SSM directly in the traffic flow . No traffic that you identified for IPS inspection can continue through the adaptive security appliance without first passing through, and being inspected by, the AIP SSM. This mode is the most secure because every packet that you identify for inspection is analyzed before being allowed through. Also, the AIP SSM can implement a blocking policy on a packet-by-packet basis. This mode, however, can affect throughput.
Thank you for taking the time to answer, but I was asking about the use of MULTI-context ASA firewalls. They are multiple virtual firewalls that reside inside the same physical ASA. Can a single context IPS sensor module (AIP-SSM) perform promiscious or in-line inspection on packets to and from multiple virtual firewalls?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...