Filter
Top Products
E-40
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
Appendix E Troubleshooting
Troubleshooting the Appliance
profile-name: r7200
block-interfaces (min: 0, max: 100, current: 1)
-----------------------------------------------
interface-name: fa0/0
direction: in
-----------------------------------------------
pre-acl-name: <defaulted>
post-acl-name: <defaulted>
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
firewall-devices (min: 0, max: 250, current: 0)
-----------------------------------------------
-----------------------------------------------
sensor(config-net)#
Step 3
Manually connect to the device to make sure you have used the correct username, password, and enable
password, and to ensure that the device is reachable from the sensor:
a.
Log in to the service account.
b.
Telnet or SSH to the network device to verify the configuration.
c.
Make sure you can reach the device.
d.
Verify the username and password.
Step 4
Verify that each interface and direction on each network device is correct.
For More Information
For the procedure for verifying the interfaces and directions for each network device, see Verifying the
Interfaces and Directions on the Network Device, page E-40.
Verifying the Interfaces and Directions on the Network Device
To verify that each interface and direction on each controlled device is correct, you can send a manual
block to a bogus host and then check to see if deny entries exist for the blocked addresses in the ACL of
the router.
To initiate a manual block to a bogus host, follow these steps:
Step 1
Enter ARC general submode.
sensor# configure terminal
sensor(config)# service network-access
sensor(config-net)# general
Step 2
Start the manual block of the bogus host IP address.
sensor(config-net-gen)# block-hosts 10.16.0.0
Step 3
Exit general submode.
sensor(config-net-gen)# exit
sensor(config-net)# exit
Apply Changes:? [yes]:
Step 4
Press Enter to apply the changes or type
no
to discard them.