Cisco IPS 7.1 Installation Guide Page 297

  • Download
  • Add to my manuals
  • Print
  • Page
    / 422
  • Table of contents
  • TROUBLESHOOTING
  • BOOKMARKS
  • Rated. / 5. Based on customer reviews
Page view 296
E-27
Cisco Intrusion Prevention System Appliance Hardware Installation Guide for IPS 7.1
OL-24002-01
Appendix E Troubleshooting
Troubleshooting the Appliance
--MORE--
Step 6 Add a permit entry for the workstation network address, save the configuration, and try to connect again.
Step 7 Make sure the network configuration allows the workstation to connect to the sensor. If the sensor is
protected behind a firewall and the workstation is in front of the firewall, make sure the firewall is
configured to allow the workstation to access the sensor. Or if the workstation is behind a firewall that
is performing network address translation on the workstation IP address, and the sensor is in front of the
firewall, make sure that the sensor access list contains a permit entry for the workstation translated
address.
For More Information
For the procedures for changing the IP address, changing the access list, and enabling and disabling
Telnet, refer to Configuring Network Settings.
For the various ways to open a CLI session directly on the sensor, see Appendix A, “Logging In to
the Sensor.
Correcting a Misconfigured Access List
To correct a misconfigured access list, follow these steps:
Step 1 Log in to the CLI.
Step 2 View your configuration to see the access list.
sensor# show configuration | include access-list
access-list 10.0.0.0/8
access-list 64.0.0.0/8
sensor#
Step 3 Verify that the client IP address is listed in the allowed networks. If it is not, add it.
sensor# configure terminal
sensor(config)# service host
sensor(config-hos)# network-settings
sensor(config-hos-net)# access-list 171.69.70.0/24
Step 4 Verify the settings.
sensor(config-hos-net)# show settings
network-settings
-----------------------------------------------
host-ip: 192.168.1.2/24,192.168.1.1 default: 10.1.9.201/24,10.1.9.1
host-name: sensor-238 default: sensor
telnet-option: enabled default: disabled
access-list (min: 0, max: 512, current: 3)
-----------------------------------------------
network-address: 10.0.0.0/8
-----------------------------------------------
network-address: 64.0.0.0/8
-----------------------------------------------
network-address: 171.69.70.0/24
-----------------------------------------------
-----------------------------------------------
Page view 296
1 ... 296 297 298 ... 422

Comments to this Manuals

No comments