Cisco IPS-4255-K9 Installation Guide - Page 316
Troubleshooting Blocking, Verifying ARC is Running, network-access, show version, show statistics
UPC - 746320951096
View all Cisco IPS-4255-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 316 highlights
Troubleshooting the Appliance Chapter A Troubleshooting • Blocking Not Occurring for a Signature, page A-44 • Verifying the Master Blocking Sensor Configuration, page A-45 Troubleshooting Blocking Note ARC was formerly known as Network Access Controller. Although the name has been changed since IPS 5.1, it still appears in IDM, IME, and the CLI as Network Access Controller, nac, and network-access. After you have configured ARC, you can verify if it is running properly by using the show version command. To verify that ARC is connecting to the network devices, use the show statistics network-access command. To troubleshoot ARC, follow these steps: 1. Verify that ARC is running. 2. Verify that ARC is connecting to the network devices. 3. Verify that the Event Action is set to Block Host for specific signatures. 4. Verify that the master blocking sensor is properly configured. For More Information • For the procedure to verify that ARC is running, see Verifying ARC is Running, page A-38. • For the procedure to verify that ARC is connecting, see Verifying ARC Connections are Active, page A-39. • For the procedure to verify that the Event Action is set to Block Host, see Blocking Not Occurring for a Signature, page A-44. • For the procedure to verify that the master blocking sensor is properly configured, see Verifying the Master Blocking Sensor Configuration, page A-45. • For a discussion of ARC architecture, refer to Attack Response Controller. Verifying ARC is Running To verify that ARC is running, use the show version command. If MainApp is not running, ARC cannot run. ARC is part of MainApp. To verify that ARC is running, following these steps: Step 1 Step 2 Log in to the CLI. Verify that MainApp is running. sensor# show version Application Partition: Cisco Intrusion Prevention System, Version 7.0(1)E3 Host: Realm Keys Signature Definition: Signature Update Virus Update OS Version: key1.0 S388.0 V1.4 2.4.30-IDS-smp-bigphys 2009-03-25 2007-03-02 A-38 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 OL-18504-01