Hi Folks, Currently doing WB2 LAB2 and not sure what I am missing here. IPS Config guide states:

    The ASA 5500-X IPS SSP has one sensing interface, PortChannel 0/0. When you create multiple virtual sensors, you must assign this interface to only one virtual sensor. For the other virtual sensors you do not need to designate an interface. After you create virtual sensors, you must map them to a security context on the adaptive security appliance using the *allocate-ips* command. You can map many security contexts to many virtual sensors.

The thing is, IPS inspection works only when this interface is mapped to the virtual sensor.

For example, if I configure vs0 for PortChannel0 on ASA3, DMZ ICMP packets will generate alerts (going through C1 as per the lab task). If I put the interface on VS1, no alerts.

For ASA4, if I map the PortChannel to VS0, no ICMPs are blocked. If I map it to VS1, ICMPs are blocked correctly.

    ASA3/act(config)# sh ver | i Vers
    Cisco Adaptive Security Appliance Software Version 8.6(1) <system>

    ASA3/act(config)# sh ips
    Sensor Name Sensor ID Allocated To Mapped Name
    ----------- --------- ------------ -----------
    vs0         1         C1           vs0
    vs1         2         C2           vs1

    ASA3/act(config)# sh module ips details
    Getting details from the Service Module, please wait...
    Card Type:          ASA 5515-X IPS Security Services Processor
    Model:              ASA5515-IPS
    Hardware version:   N/A
    Software version:   7.1(4)E4

Any idea? I checked the DSG and as far as I know I have the same config, except that I put MGMT in 10.1.1.0 (vlan 100).
