I just need to pick the brains of experts around. Here i am about to deploy my very first ASA with AIP-SSM10 module, I have the ASA well enough good to go, I just want to have the ASA sending traffic to the AIP-SSM10 for inspections.
access-list IPS_TRAFFIC extended permit ip any 192.168.0.0 255.255.252.0
match access-list IPS_TRAFFIC
ips inline fail-open
service-policy LAN_IPS_POLICY interface inside
I'm aware that i could do this on the global policy level! I don't want to i want to do this on interface basis. I though about doing an acl that would permit ip any any.....but that would be useless for a firewall.
Please i would appreciate any suggestions as to how i could achieve this.