Cisco IPS-4255-K9 Installation Guide - Page 312
Step 1, Make sure the signature is enabled.
UPC - 746320951096
View all Cisco IPS-4255-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 312 highlights
Troubleshooting the Appliance Chapter A Troubleshooting • Make sure that alerts are being generated • Make sure the sensing interface is in a virtual sensor To make sure you can see alerts, follow these steps: Step 1 Step 2 Step 3 Step 4 Log in to the CLI. Make sure the signature is enabled. sensor# configure terminal sensor(config)# service signature-definition sig0 sensor(config-sig)# signatures 1300 0 sensor(config-sig-sig)# status sensor(config-sig-sig-sta)# show settings status enabled: true retired: false
A-34
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0
OL-18504-01
Chapter A
Troubleshooting
Troubleshooting the Appliance
•
Make sure that alerts are being generated
•
Make sure the sensing interface is in a virtual sensor
To make sure you can see alerts, follow these steps:
Step 1
Log in to the CLI.
Step 2
Make sure the signature is enabled.
sensor#
configure terminal
sensor(config)#
service signature-definition sig0
sensor(config-sig)#
signatures 1300 0
sensor(config-sig-sig)#
status
sensor(config-sig-sig-sta)#
show settings
status
-----------------------------------------------
enabled: true <defaulted>
retired: false <defaulted>
-----------------------------------------------
sensor(config-sig-sig-sta)#
Step 3
Make sure you have Produce Alert configured.
sensor#
configure terminal
sensor(config)#
service signature-definition sig0
sensor(config-sig)#
signatures 1300 0
sensor(config-sig-sig)#
engine ?
normalizer
Signature engine
sensor(config-sig-sig)#
engine normalizer
sensor(config-sig-sig-nor)#
event-action produce-alert
sensor(config-sig-sig-nor)#
show settings
normalizer
-----------------------------------------------
event-action: produce-alert default: produce-alert|deny-connection-inline
edit-default-sigs-only
-----------------------------------------------
sensor#
Step 4
Make sure the sensor is seeing packets.
sensor#
show interfaces FastEthernet0/1
MAC statistics from interface FastEthernet0/1
Media Type = backplane
Missed Packet Percentage = 0
Inline Mode = Unpaired
Pair Status = N/A
Link Status = Up
Link Speed = Auto_100
Link Duplex = Auto_Full
Total Packets Received = 267581
Total Bytes Received = 24886471
Total Multicast Packets Received = 0
Total Broadcast Packets Received = 0
Total Jumbo Packets Received = 0
Total Undersize Packets Received = 0
Total Receive Errors = 0
Total Receive FIFO Overruns = 0
Total Packets Transmitted = 57301
Total Bytes Transmitted = 3441000
Total Multicast Packets Transmitted = 0
Total Broadcast Packets Transmitted = 0
Total Jumbo Packets Transmitted = 0
Total Undersize Packets Transmitted = 0