Cisco IPS 7.1 Installation Guide Page 291

  • Download
  • Add to my manuals
  • Print
  • Page
    / 422
  • Table of contents
  • TROUBLESHOOTING
  • BOOKMARKS
  • Rated. / 5. Based on customer reviews
Page view 290
E-21
Cisco Intrusion Prevention System Appliance Hardware Installation Guide for IPS 7.1
OL-24002-01
Appendix E Troubleshooting
Troubleshooting RADIUS Authentication
Step 6 If the Analysis Engine still reads Not Running, contact TAC with the original show tech support
command output.
Troubleshooting RADIUS Authentication
Symptom Attempt limit configured on the IPS sensor may not be enforced for a RADIUS user.
Conditions Applicable for RADIUS users only. The RADIUS user must have logged in to the sensor at
least once after RADIUS authentication is enabled or after the sensor is reset or rebooted.
Workaround Log in to the sensor with the correct credentials and from that time on the attempt limit is
enforced for that RADIUS user.
For More Information
For detailed information on RADIUS authentication, refer to Configuring Authentication and User
Parameters.
Troubleshooting External Product Interfaces
This section lists issues that can occur with external product interfaces and provides troubleshooting tips.
For more information on external product interfaces, refer to Configuring External Product Interfaces.
This section contains the following topics:
External Product Interfaces Issues, page E-21
External Product Interfaces Troubleshooting Tips, page E-22
External Product Interfaces Issues
When the external product interface receives host posture and quarantine events, the following issues
can arise:
The sensor can store only a certain number of host records:
If the number of records exceeds 10,000, subsequent records are dropped.
If the 10,000 limit is reached and then it drops to below 9900, new records are no longer
dropped.
Hosts can change an IP address or appear to use another host IP address, for example, because of
DHCP lease expiration or movement in a wireless network. In the case of an IP address conflict, the
sensor presumes the most recent host posture event to be the most accurate.
A network can include overlapping IP address ranges in different VLANs, but host postures do not
include VLAN ID information. You can configure the sensor to ignore specified address ranges.
A host can be unreachable from the CSA MC because it is behind a firewall. You can exclude
unreachable hosts.
Page view 290
1 ... 290 291 292 ... 422

Comments to this Manuals

No comments