Cisco Systems IPS 7.1 Home Security System User Manual


14-25
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 14 Configuring Attack Response Controller for Blocking and Rate Limiting
Configuring Blocking and Rate Limiting Devices
Step 11 Verify the settings.
sensor(config-net-rou-blo)# exit
sensor(config-net-rou)# show settings
ip-address: 192.0.2.1
-----------------------------------------------
communication: ssh-3des default: ssh-3des
nat-address: 19.89.149.219 default: 0.0.0.0
profile-name: PROFILE1
block-interfaces (min: 0, max: 100, current: 1)
-----------------------------------------------
interface-name: GigabitEthernet0/1
direction: in
-----------------------------------------------
pre-acl-name: <defaulted>
post-acl-name: <defaulted>
-----------------------------------------------
-----------------------------------------------
response-capabilities: block|rate-limit default: block
-----------------------------------------------
sensor(config-net-rou)#
Step 12 Exit network access submode.
sensor(config-net-rou)# exit
sensor(config-net)# exit
sensor(config)# exit
Apply Changes:?[yes]:
Step 13 Press Enter to apply the changes or enter no to discard them.
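The check in Step 11 can be scripted when the same review is repeated across many blocking devices. The Python below is an added example, not part of the Cisco guide: it parses the show settings output shown in Step 11 and compares it with the values you intended to configure. The helper names parse_settings and verify and the shape of the expected dictionary are assumptions made for this example.

```python
import re
# Step 11 output from this page, embedded so the example runs offline.
SAMPLE = """\
ip-address: 192.0.2.1
-----------------------------------------------
communication: ssh-3des default: ssh-3des
nat-address: 19.89.149.219 default: 0.0.0.0
profile-name: PROFILE1
block-interfaces (min: 0, max: 100, current: 1)
-----------------------------------------------
interface-name: GigabitEthernet0/1
direction: in
-----------------------------------------------
pre-acl-name: <defaulted>
post-acl-name: <defaulted>
-----------------------------------------------
-----------------------------------------------
response-capabilities: block|rate-limit default: block
-----------------------------------------------
"""

FIELD = re.compile(r"^\s*([a-z-]+): (\S+)")  # "key: value", ignoring any "default:" part
COUNT = re.compile(r"^\s*block-interfaces \(.*current: (\d+)\)")

def parse_settings(text):
    """Parse one blocking-device entry into a dict (hypothetical helper)."""
    dev = {"interfaces": [], "declared": None}
    for line in text.splitlines():
        if m := COUNT.match(line):
            dev["declared"] = int(m.group(1))
        elif m := FIELD.match(line):
            key, value = m.groups()
            if key == "interface-name":  # starts a new block-interfaces entry
                dev["interfaces"].append({key: value})
            elif key in ("direction", "pre-acl-name", "post-acl-name") and dev["interfaces"]:
                dev["interfaces"][-1][key] = value
            else:
                dev[key] = value
    return dev

def verify(dev, expected):
    """Return mismatches between parsed and intended settings (hypothetical helper)."""
    problems = [f"{k}: expected {v}, got {dev.get(k)}"
                for k, v in expected.items() if dev.get(k) != v]
    if dev["declared"] != len(dev["interfaces"]):
        problems.append("block-interfaces count does not match entries listed")
    problems += [f"{i['interface-name']}: no direction shown"
                 for i in dev["interfaces"] if i.get("direction") not in ("in", "out")]
    return problems
```

An empty list from verify means the captured output matches the intended device address, communication method, profile, and response capabilities.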
For More Information
• For the procedure for configuring user profiles, see Configuring User Profiles, page 14-20.
• For the procedure for adding a device to the known hosts list, see Adding Hosts to the SSH Known Hosts List, page 4-45.
Configuring the Sensor to Manage Catalyst 6500 Series Switches and Cisco 7600 Series Routers
This section describes how to configure the sensor to manage Cisco switches. It contains the following topics:
• Switches and VACLs, page 14-25
• Configuring the Sensor to Manage Catalyst 6500 Series Switches and Cisco 7600 Series Routers, page 14-26
Switches and VACLs
You can configure the ARC to block using VACLs on the switch itself when running Cisco Catalyst
software, or to block using router ACLs on the MSFC or on the switch itself when running Cisco IOS
software. This section describes blocking using VACLs. You cannot configure switches that use VACLs
to perform rate limiting. You must configure the blocking interfaces on the Catalyst 6500 series switch
and specify the VLAN of traffic you want blocked.