Cisco Systems IPS 7.1 Home Security System User Manual


  Open as PDF
of 1042
 
5-16
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 5 Configuring Interfaces
Configuring Physical Interfaces
alt-tcp-reset-interface—Sends TCP resets out an alternate interface when this interface is used for
promiscuous monitoring and the reset action is triggered by a signature firing.
Note You can only assign a sensing interface as an alternate TCP reset interface. You cannot
configure the management interface as an alternate TCP reset interface.
Note There is only one sensing interface on the ASA IPS modules (ASA 5500 AIP SSM,
ASA 5500-X IPS SSP, and ASA 5585-X IPS SSP), so you cannot designate an alternate
TCP reset interface.
interface_name—Specifies the name of the interface on which TCP resets should be sent when
this interface is used for promiscuous monitoring and the reset action is triggered by a signature
firing. This setting is ignored when this interface is a member of an inline interface.
none —Disables the use of an alternate TCP reset interface. TCP resets triggered by the reset
action when in promiscuous mode will be sent out of this interface instead.
default—Sets the value back to the system default setting.
description—Specifies your description of the promiscuous interface.
duplex—Specifies the duplex setting of the interface:
auto—Sets the interface to auto negotiate duplex.
full—Sets the interface to full duplex.
half—Sets the interface to half duplex.
Note The duplex option is protected on all modules.
Note For TenGigabit SFP+ ports, the permitted values are auto and full.
no—Removes an entry or selection setting.
speed—Specifies the speed setting of the interface:
auto—Sets the interface to auto negotiate speed.
10—Sets the interface to 10 MB (for TX interfaces only).
100—Sets the interface to 100 MB (for TX interfaces only).
1000—Sets the interface to 1 GB (for Gigabit interfaces only).
Note The speed option is protected on all modules.
Note For TenGigabit SFP+ ports with a 10 Gb connector, the permitted values are auto and
10000, and for TenGigabit SFP+ ports with a 1 Gb connector, the permitted value is
auto.
 previous next