Filter
Top Products
E-42
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
Appendix E Troubleshooting
Troubleshooting the Appliance
default-signatures-only
-----------------------------------------------
specify-service-ports
-----------------------------------------------
no
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
specify-tcp-max-mss
-----------------------------------------------
no
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
specify-tcp-min-mss
-----------------------------------------------
no
-----------------------------------------------
-----------------------------------------------
--MORE--
Step 4
Exit signature definition submode.
sensor(config-sig-sig-nor)# exit
sensor(config-sig-sig)# exit
sensor(config-sig)# exit
Apply Changes:?[yes]:
Step 5
Press Enter to apply the changes or type
no
to discard them.
Verifying the Master Blocking Sensor Configuration
To verify that a master blocking sensor is set up properly or to troubleshoot a master blocking sensor
that is not set up properly, you can use the show statistics network-access command. Make sure that
the forwarding sensor is set up as TLS trusted host if the remote master blocking sensor is using TLS for
web access.
To verify a master blocking sensor configuration, follow these steps:
Step 1
Log in to the CLI.
Step 2
View the ARC statistics and verify that the master blocking sensor entries are in the statistics.
sensor# show statistics network-access
Current Configuration
AllowSensorShun = false
ShunMaxEntries = 250
MasterBlockingSensor
SensorIp = 10.89.149.46
SensorPort = 443
UseTls = 1
State
ShunEnable = true
ShunnedAddr
Host
IP = 122.122.122.44
ShunMinutes = 60
MinutesRemaining = 59
Step 3
If the master blocking sensor does not show up in the statistics, you need to add it.