Cisco Cisco FirePOWER Appliance 8140
26-3
FireSIGHT System User Guide
Chapter 26 Using Transport & Network Layer Preprocessors
Ignoring VLAN Headers
When you enable the
Ignore VLAN Header
detection setting, the system ignores the VLAN header so
packets can be correctly processed for your deployment.
To ignore VLAN headers:
Access:
Admin/Intrusion Admin
Step 1
Select
Policies > Intrusion > Intrusion Policy.
The Intrusion Policy page appears.
Step 2
Click the edit icon (
) next to the policy you want to edit.
If you have unsaved changes in another policy, click
OK
to discard those changes and continue. See
for information on saving unsaved changes in another
policy.
The Policy Information page appears.
Step 3
Click
Advanced Settings
in the navigation panel on the left.
The Advanced Settings page appears.
Step 4
You have two choices:
•
If the configuration is enabled, click
Edit
.
•
If the configuration is disabled, click
Enabled
, then click
Edit
.
The Detection Settings page appears. A message at the bottom of the page identifies the intrusion
policy layer that contains the configuration. See
policy layer that contains the configuration. See
for
more information.
Step 5
You have the following choices:
•
For deployed devices that might detect different VLAN tags for the same connection in traffic
traveling in different directions, select the
traveling in different directions, select the
Ignore VLAN Header
check box to ignore VLAN headers
when identifying traffic.
•
For deployed devices that will not detect different VLAN tags for the same connection traffic
traveling in different directions, clear the
traveling in different directions, clear the
Ignore VLAN Header
check box to include VLAN headers
when identifying traffic.
Step 6
Save your policy, continue editing, discard your changes, revert to the default configuration settings in
the base policy, or exit while leaving your changes in the system cache. See the
the base policy, or exit while leaving your changes in the system cache. See the
table for more information.