Friday, 26 August 2016

Cisco 5555 with Firepower Module

How to Redirect Traffic to the SFR Module

Login to each Context if you got multiple contexts
(Perform this procedure within each security context)
Here we are routing all traffic to SFR module, customize access-list if you want to exclude some traffic.
.ASA (config) # access-list sfr_redirect extended permit ip any any
ASA (config) # class-map sfr
ASA (config-cmap) # match access-list sfr_redirect
ASA (config) # policy-map global_policy
ASA (config-pmap) # class sfr
ASA (config-pmap-c) # sfr fail-open