Cisco Systems IPS 7.1 Home Security System User Manual


Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Appendix C Troubleshooting
Preventive Maintenance
Would you like to replace existing network settings
(host-ipaddress/netmask/gateway/access-list) on sensor before proceeding? [no]:
sensor#
Step 4 Enter no to retain the currently configured hostname, IP address, subnet mask, management interface,
and access list. We recommend you retain this information to preserve access to your sensor after the
rest of the configuration has been restored.
For More Information
For a list of supported HTTP/HTTPS servers, see Supported FTP and HTTP/HTTPS Servers, page 22-3.
Creating the Service Account
You can create a service account for the TAC to use during troubleshooting. Although more than one
user can have access to the sensor, only one user can have service privileges on a sensor. The service
account is for support purposes only.
The root user password is synchronized to the service account password when the service account is
created. To gain root access you must log in with the service account and switch to user root with the
su - root command.
Caution: Do not make modifications to the sensor through the service account except under the direction of the
TAC. If you use the service account to configure the sensor, your configuration is not supported by the
TAC. Adding services to the operating system through the service account affects proper performance
and functioning of the other IPS services. The TAC does not support a sensor on which additional
services have been added.
Caution: You should carefully consider whether you want to create a service account. The service account
provides shell access to the system, which makes the system vulnerable. However, you can use the
service account to create a password if the administrator password is lost. Analyze your situation to
decide if you want a service account existing on the system.
Note: For IPS 5.0 and later, you can no longer remove the cisco account. You can disable it using the no
password cisco command, but you cannot remove it. To use the no password cisco command, there
must be another administrator account on the sensor. Removing the cisco account through the service
account is not supported. If you remove the cisco account through the service account, the sensor most
likely will not boot up, so to recover the sensor you must reinstall the sensor system image.
To create the service account, follow these steps:
Step 1 Log in to the CLI using an account with administrator privileges.
Step 2 Enter configuration mode.
sensor# configure terminal