Cisco Systems IPS4510K9 Home Security System User Manual


 
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 7.2
OL-29168-01
Chapter 14 Configuring Attack Response Controller for Blocking and Rate Limiting
Disabling Blocking
Step 4
Disable blocking event and error logging.
sensor(config-net-gen)# log-all-block-events-and-errors false
Step 5
Verify that logging is disabled.
sensor(config-net-gen)# show settings
general
-----------------------------------------------
log-all-block-events-and-errors: false default: true
enable-nvram-write: false default: false
enable-acl-logging: false default: false
allow-sensor-block: false <defaulted>
block-enable: true <defaulted>
block-max-entries: 250 <defaulted>
max-interfaces: 250 <defaulted>
master-blocking-sensors (min: 0, max: 100, current: 0)
-----------------------------------------------
Step 6
Enable blocking event and error logging.
sensor(config-net-gen)# log-all-block-events-and-errors true
Step 7
Verify that logging is enabled.
sensor(config-net-gen)# show settings
general
-----------------------------------------------
log-all-block-events-and-errors: true default: true
enable-nvram-write: false default: false
enable-acl-logging: false default: false
allow-sensor-block: false <defaulted>
block-enable: true <defaulted>
block-max-entries: 250 <defaulted>
max-interfaces: 250 <defaulted>
master-blocking-sensors (min: 0, max: 100, current: 0)
-----------------------------------------------
Step 8
Exit network access mode.
sensor(config-net-gen)# exit
sensor(config-net)# exit
Apply Changes:?[yes]:
Step 9
Press Enter to apply the changes or type no to discard them.
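A check that could be run over captured show settings output to confirm that block event and error logging is back on after the procedure above. This is an added example, not part of the Cisco guide: the function names are hypothetical, the sample text is the Step 5 output shown on this page, and it assumes "default: X" gives the default value and "<defaulted>" marks a setting left at its default.

```python
import re

# Constructed sample: the `show settings` output from Step 5 on this page.
SAMPLE = """\
general
-----------------------------------------------
log-all-block-events-and-errors: false default: true
enable-nvram-write: false default: false
enable-acl-logging: false default: false
allow-sensor-block: false <defaulted>
block-enable: true <defaulted>
block-max-entries: 250 <defaulted>
max-interfaces: 250 <defaulted>
master-blocking-sensors (min: 0, max: 100, current: 0)
-----------------------------------------------
"""

# Matches "name: value default: x" and "name: value <defaulted>".
SETTING = re.compile(
    r"^\s*(?P<name>[\w-]+):\s+(?P<value>\S+)"
    r"(?:\s+default:\s+(?P<default>\S+)|\s+(?P<defaulted><defaulted>))?\s*$"
)

def parse_settings(text):
    """Return {name: {"value", "default", "overridden"}} for each setting line."""
    settings = {}
    for line in text.splitlines():
        m = SETTING.match(line)
        if not m:
            continue  # section names, rulers and list summaries are skipped
        value = m["value"]
        default = value if m["defaulted"] else m["default"]
        settings[m["name"]] = {"value": value, "default": default,
                               "overridden": default not in (None, value)}
    return settings

def audit(text):
    """Report block logging being off, then any other non-default setting."""
    findings = []
    s = parse_settings(text)
    log = s.get("log-all-block-events-and-errors")
    if log is None:
        findings.append("log-all-block-events-and-errors: not found in output")
    elif log["value"] != "true":
        findings.append("log-all-block-events-and-errors is off")
    for name, info in s.items():
        if info["overridden"] and name != "log-all-block-events-and-errors":
            findings.append(f"{name} = {info['value']} (default {info['default']})")
    return findings
```

Running audit() on the Step 7 output instead returns an empty list, which is the state the sensor should be left in.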
Configuring the Maximum Number of Blocking Interfaces
Use the max-interfaces command to configure the maximum number of interfaces for performing
blocks. For example, a PIX Firewall counts as one interface. A router with one interface counts as one,
but a router with two interfaces counts as two. At most you can configure 250 blocking interfaces on a
router, switch, or firewall. You can configure up to 250 Catalyst 6K switches, 250 routers, and 250
firewalls.
The max-interfaces command configures the limit of the sum total of all interfaces and devices. In
addition to configuring the limit on the sum total of interfaces and devices, there is a fixed limit on the
number of blocking interfaces you can configure per device. Use the show settings command in network
access mode to view the specific maximum limits per device.