ASA support for IPS in Transparent Multicontext mode
Customer is asking for a solution wherein ASA will be in transparent mode. 2 of the interfaces will fall in Admin context while other two will be part of a new context, say Context Traffic1. Now as he is also buying AIP SSM module with the boxes he wants IPS functionality for traffic of both contexts.
The ASA are to be deployed in AA mode with each ASA catering to traffic of one Context.
I am really doubtful on the IPS module being available to both contexts as no interface is shared between these contexts and how will the traffic be available to IPS when the IPS interface can only be part of one context at one time. Plz respond ASAP.
Re: ASA support for IPS in Transparent Multicontext mode
ASA diverts packets to ASA-SSM just before the packet exits the egress interface (or before VPN encryption occurs, if configured) and after other firewall policies are applied. For example, packets that are blocked by an access list are not forwarded to ASA-SSM.Refer the following URL for more information
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...