Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

11-8

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 11 Configuring External Product Interfaces

Troubleshooting External Product Interfaces

username: jsmith

password: <hidden>

host-posture-settings

-----------------------------------------------

enabled: yes default: yes

allow-unreachable-postures: yes default: yes

posture-acls (ordered min: 0, max: 10, current: 1 - 1 active, 0 inactive)

-----------------------------------------------

ACTIVE list-contents

-----------------------------------------------

NAME: name1

-----------------------------------------------

network-address: 192.0.2.0/24

action: permit

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

watchlist-address-settings

-----------------------------------------------

enabled: yes default: yes

manual-rr-increase: 30 default: 25

session-rr-increase: 30 default: 25

packet-rr-increase: 20 default: 10

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

sensor(config-ext)#

Step 12 Exit external product interface submode.

sensor(config-ext)# exit

Apply Changes:?[yes]:

Step 13 Press Enter to apply the changes or enter no to discard them.

For More Information

For the procedure for adding trusted hosts, see Adding TLS Trusted Hosts, page 4-51.

Troubleshooting External Product Interfaces

To troubleshoot external product interfaces, check the following:

• Make sure the interface is active by checking the output from the show statistics

external-product-interface command in the CLI, or choose Monitoring > Sensor Monitoring >

Support Information > Statistics in the IDM and check the Interface state line in the response, or

choose Configuration > sensor_name > Sensor Monitoring > Support Information > Statistics

in the IME, and check the Interface state line in the response.

• Make sure you have added the CSA MC IP address to the trusted hosts. If you forgot to add it, add

it, wait a few minutes and then check again.

• Confirm subscription login information by opening and closing a subscription on the CSA MC using

the browser.

• Check the Event Store for the CSA MC subscription errors.

previous next