Filter
Top Products
3-25
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 3 Initializing the Sensor
Verifying Initialization
[1] Return back to the setup without saving this config.
[2] Save this configuration and exit setup.
Step 23 Enter 2 to save the configuration.
Enter your selection[2]: 2
Configuration Saved.
Step 24 Reboot the ASA 5585-X IPS SSP.
ips-ssp# reset
Warning: Executing this command will stop all applications and reboot the node.
Continue with reset? []:
Step 25 Enter yes to continue the reboot.
Step 26 After reboot, log in to the sensor, and display the self-signed X.509 certificate (needed by TLS).
ips-ssp# show tls fingerprint
MD5: C4:BC:F2:92:C2:E2:4D:EB:92:0F:E4:86:53:6A:C6:01
SHA1: 64:9B:AC:DE:21:62:0C:D3:57:2E:9B:E5:3D:04:8F:A7:FD:CD:6F:27
Step 27 Write down the certificate fingerprints. You need the fingerprints to check the authenticity of the
certificate when using HTTPS to connect to this ASA 5585-X IPS SSP with a web browser.
Step 28 Apply the most recent service pack and signature update. You are now ready to configure your
ASA 5585-X IPS SSP for intrusion prevention.
For More Information
For the procedure for obtaining the most recent IPS software, see Obtaining Cisco IPS Software,
page 21-1.
Verifying Initialization
Note The CLI output is an example of what your configuration may look like. It will not match exactly due to
the optional setup choices, sensor model, and IPS 7.1 version you have installed.
To verify that you initialized your sensor, follow these steps:
Step 1 Log in to the sensor.
Step 2 View your configuration.
sensor# show configuration
! ------------------------------
! Current configuration last modified Tue Nov 01 10:40:39 2011
! ------------------------------
! Version 7.1(3)
! Host:
! Realm Keys key1.0
! Signature Definition:
! Signature Update S581.0 2011-07-11
! ------------------------------
service interface
exit
! ------------------------------