I should perhaps add that I was having trouble (I thought) with the AIP SSM a couple of days back, so I disabled it by:
asa-srl(config)# no service-policy global_policy global
asa-srl(config)# no service-policy interface_policy interface outside
However, after the above trouble, I again enabled it again
asa-srl(config)# service-policy global_policy global
asa-srl(config)# service-policy interface_policy interface outside
asa-srl(config)# sh service-policy
Global policy:
Service-policy: global_policy
Class-map: inspection_default
Inspect: pptp, packet 0, drop 0, reset-drop 0
Interface outside:
Service-policy: interface_policy
Class-map: ips_class_map
IPS: card status Up, mode inline fail-open
packet input 273709, packet output 273715, drop 0, reset-drop 0
//Magnus
Main Topics
Browse All Topics





by: grbladesPosted on 2007-11-28 at 06:23:49ID: 20365599
Can you post your current configuration (with the first part of the IP address and the password *'d out).
It helps to see all the configuration. Often 'static' commands are used in addition to nat/global ones.