Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

14-10

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 14 Configuring Attack Response Controller for Blocking and Rate Limiting

Disabling Blocking

Note While blocking is disabled, the ARC continues to receive blocks and track the time on active blocks, but

will not apply new blocks or remove blocks from the managed devices. After blocking is reenabled, the

blocks on the devices are updated.

To disable blocking or rate limiting, follow these steps:

Step 1 Log in to the CLI using an account with administrator privileges.

Step 2 Enter network access submode.

sensor# configure terminal

sensor(config)# service network-access

sensor(config-net)#

Step 3 Enter general submode.

sensor(config-net)# general

Step 4 Disable blocking on the sensor. By default, this value is set to true.

sensor(config-net-gen)# block-enable false

Step 5 Verify the settings.

sensor(config-net-gen)# show settings

general

-----------------------------------------------

log-all-block-events-and-errors: true <defaulted>

enable-nvram-write: false <defaulted>

enable-acl-logging: false <defaulted>

allow-sensor-block: false default: false

block-enable: false default: true

block-max-entries: 100 default: 250

max-interfaces: 250 <defaulted>

master-blocking-sensors (min: 0, max: 100, current: 0)

-----------------------------------------------

-----------------------------------------------

never-block-hosts (min: 0, max: 250, current: 1)

-----------------------------------------------

ip-address: 192.0.2.1

-----------------------------------------------

-----------------------------------------------

never-block-networks (min: 0, max: 250, current: 1)

-----------------------------------------------

ip-address: 209.165.200.224/27

-----------------------------------------------

-----------------------------------------------

block-hosts (min: 0, max: 250, current: 0)

-----------------------------------------------

--MORE--

Step 6 Enable blocking on the sensor.

sensor(config-net-gen)# block-enable true

Step 7 Verify that the setting has been returned to the default.

sensor(config-net-gen)# show settings

general

-----------------------------------------------

log-all-block-events-and-errors: true <defaulted>

enable-nvram-write: false <defaulted>

previous next