54-8
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 54 Configuring the IPS Application on the AIP SSM and SSC
Configuring the AIP SSM/SSC
Step 9 Change to each context to configure the IPS security policy as described in “Diverting Traffic to the AIP
SSM/SSC” section on page 54-8.
What to Do Next
Change to each context to configure the IPS security policy as described in “Diverting Traffic to the AIP
SSM/SSC” section on page 54-8.
Diverting Traffic to the AIP SSM/SSC
This section identifies traffic to divert from the adaptive security appliance to the AIP
SSM/SSC.
Prerequisites
In multiple context mode, perform these steps in each context execution space.
Detailed Steps
Step 1 In the ASDM Device List pane, double-click the context name under the active device IP address >
Contexts.
Step 2 Click Configuration > Firewall > Service Policy Rules.
Step 3 You can edit an existing rule or create a new one:
• For an existing rule, choose the rule and click Edit.
The Edit Service Policy Rule dialog box appears.
• For a new rule, choose Add > Add Service Policy Rule.
The Add Service Policy Rule Wizard - Service Policy dialog box appears. Complete the Service
Policy and Traffic Classification Criteria dialog boxes. See the “Adding a Service Policy Rule for
Through Traffic” section on page 29-8 for more information. Click Next to show the Add Service
Policy Rule Wizard - Rule Actions dialog box.
Step 4 Click the Intrusion Prevention tab.
You can also set other feature actions for the same traffic using the other tabs.
Step 5 Check the Enable IPS for this traffic flow check box.
Step 6 In the Mode area, click Inline Mode or Promiscuous Mode.
See the “Operating Modes” section on page 54-2 for more details.
Step 7 In the If IPS Card Fails area, click Permit traffic or Close traffic.
The Close traffic option sets the adaptive security appliance to block all traffic if the AIP SSM/SSC is
unavailable.
The Permit traffic option sets the adaptive security appliance to allow all traffic through, uninspected, if
the AIP SSM/SSC is unavailable.
Step 8 (AIP SSM Only) From the IPS Sensor to use drop-down list, choose a virtual sensor name.
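The following is an added example, not part of the Cisco guide: a Python check that reads the CLI form of the rule built in Steps 4 through 8 (the `ips {inline | promiscuous} {fail-close | fail-open} [sensor name]` policy-map action, where Permit traffic corresponds to fail-open and Close traffic to fail-close) and reports rules that let traffic pass without inline inspection. The policy, class and sensor names in the sample are constructed, and the function names are hypothetical.

```python
import re

# Constructed running-config excerpt for illustration (not from the guide).
SAMPLE_CONFIG = """\
class-map ips-dmz
 match access-list IPS-DMZ
class-map ips-inside
 match any
policy-map outside-policy
 class ips-dmz
  ips inline fail-close sensor vs0
 class ips-inside
  ips promiscuous fail-open
service-policy outside-policy interface outside
"""

# Mode (Step 6), failure behaviour (Step 7), optional virtual sensor (Step 8).
IPS_RE = re.compile(
    r"^ips (inline|promiscuous) (fail-open|fail-close)(?: sensor (\S+))?$")

def parse_ips_actions(config):
    """Return one dict per 'ips' action, tagged with its policy-map and class."""
    actions, policy, cls = [], None, None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):            # top-level command resets scope
            policy = line.split()[-1] if line.startswith("policy-map ") else None
            cls = None
        elif policy and line.startswith("class "):
            cls = line.split()[1]
        elif policy and cls:
            m = IPS_RE.match(line)
            if m:
                actions.append({"policy": policy, "class": cls, "mode": m[1],
                                "fail": m[2], "sensor": m[3]})
    return actions

def audit(config):
    """List IPS rules where traffic can pass without inline inspection."""
    findings = []
    for a in parse_ips_actions(config):
        where = f"{a['policy']}/{a['class']}"
        if a["mode"] == "promiscuous":
            findings.append(f"{where}: promiscuous mode, IPS sees a copy only")
        if a["fail"] == "fail-open":
            findings.append(f"{where}: fail-open, uninspected if module is down")
    return findings
```

In multiple context mode, run the check against each context's configuration, since the rule is configured per context.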