11-8
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 11 Configuring External Product Interfaces
Troubleshooting External Product Interfaces
username: jsmith
password: <hidden>
host-posture-settings
-----------------------------------------------
enabled: yes default: yes
allow-unreachable-postures: yes default: yes
posture-acls (ordered min: 0, max: 10, current: 1 - 1 active, 0 inactive)
-----------------------------------------------
ACTIVE list-contents
-----------------------------------------------
NAME: name1
-----------------------------------------------
network-address: 192.0.2.0/24
action: permit
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
watchlist-address-settings
-----------------------------------------------
enabled: yes default: yes
manual-rr-increase: 30 default: 25
session-rr-increase: 30 default: 25
packet-rr-increase: 20 default: 10
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
sensor(config-ext)#
Step 12 Exit external product interface submode.
sensor(config-ext)# exit
Apply Changes:?[yes]:
Step 13 Press Enter to apply the changes or enter no to discard them.
For More Information
For the procedure for adding trusted hosts, see Adding TLS Trusted Hosts, page 4-51.
Troubleshooting External Product Interfaces
To troubleshoot external product interfaces, check the following:
• Make sure the interface is active by checking the output from the show statistics
external-product-interface command in the CLI, or choose Monitoring > Sensor Monitoring >
Support Information > Statistics in the IDM and check the Interface state line in the response, or
choose Configuration > sensor_name > Sensor Monitoring > Support Information > Statistics
in the IME, and check the Interface state line in the response.
• Make sure you have added the CSA MC IP address to the trusted hosts. If you forgot to add it, add
it, wait a few minutes and then check again.
• Confirm subscription login information by opening and closing a subscription on the CSA MC using
the browser.
• Check the Event Store for the CSA MC subscription errors.