0

I have a Cisco IPS module running in my ASA 5510 firewall.

Right now I'm trying to troubleshoot a network/VPN problem that two of my users are having when they VPN into a remote partners site.

I would like to turn off the IPS module to determine if it is blocking anything and thus causing the problem.

Is there an easy way to do this without losing all of my configuration? I only want to disable it for a few minutes to see if the problem goes away or not.

Thanks

Richard West
  • 2,978
  • 12
  • 44
  • 49

1 Answers1

1

From your ASDM on the 5510, go to CONFIGURATION > FIREWALL > SERVICE POLICY RULES and disable the service policy rule that is diverting traffic to the IPS module

GregD
  • 8,713
  • 1
  • 24
  • 36
  • Is this in an effort to troubleshoot your other question? http://serverfault.com/questions/22181/adding-a-host-to-cisco-ips-never-block-list/ – GregD Jun 11 '09 at 19:55
  • Unfortunalty, no, it's another issue I'm hunting down :-) – Richard West Jun 11 '09 at 19:56
  • Thanks for the quick answer Greg. This worked like a charm and I have now identified that something within the IPS is causing my problem so look for another question soon perhaps! – Richard West Jun 11 '09 at 20:27