ASA(VPN ) and IPS Correct Placement ??

From: jockey wearer (jockeywearer@gmail.com)
Date: Thu Mar 12 2009 - 13:02:27 ARST

• Next message: sony darrel: "Re: NTP Master Switchover fails"
• Previous message: Scott M Vermillion: "Re: Passed is SJ"
• Next in thread: Travis Niedens: "RE: ASA(VPN ) and IPS Correct Placement ??"
• Maybe reply: Travis Niedens: "RE: ASA(VPN ) and IPS Correct Placement ??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Security Experts,

Currently we have setup

Topology 1
1)Internet Router --- IPS(Inline)-----ASA-----core switch 6500

as per the requirement my management need to Use Cisco ASA as VPN Server so

Internet users will connect to ASA by VPN client and SSL client
should I need to change the place of IPS ?

Topology 2
2)Internet Router---ASA---IPS(Inline)---core sw6500

Can I keep same tolopogy(1) and configure something on IPS as I come to know
IPS drops encrypted traffic.

what is the proper design ? and what I need to configure on IPS to work with
Topology(1)

any update appreciate.

Many Thanks
Prashant.

Blogs and organic groups at http://www.ccie.net

• Next message: sony darrel: "Re: NTP Master Switchover fails"
• Previous message: Scott M Vermillion: "Re: Passed is SJ"
• Next in thread: Travis Niedens: "RE: ASA(VPN ) and IPS Correct Placement ??"
• Maybe reply: Travis Niedens: "RE: ASA(VPN ) and IPS Correct Placement ??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Apr 06 2009 - 06:44:04 ART