Cisco Systems IPS 7.1 Home Security System User Manual


  Open as PDF
of 1042
 
4-6
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 4 Setting Up the Sensor
Changing Network Settings
host-ip: 192.0.2.1/24,192.0.2.2
default: 192.168.1.2/24,192.168.1.1
host-name: sensor default: sensor
telnet-option: enabled default: disabled
access-list (min: 0, max: 512, current: 1)
-----------------------------------------------
network-address: 0.0.0.0/0
-----------------------------------------------
-----------------------------------------------
ftp-timeout: 300 seconds <defaulted>
login-banner-text: <defaulted>
-----------------------------------------------
sensor(config-hos-net)#
Step 5 Exit network settings mode.
sensor(config-hos-net)# exit
sensor(config-hos)# exit
Apply Changes:?[yes]:
Step 6 Press Enter to apply the changes or enter no to discard them.
Note To Telnet to the sensor, you must enable Telnet and configure the access list to allow the Telnet clients
to connect.
For More Information
For the procedure for configuring the access list, see Changing the Access List, page 4-6.
Changing the Access List
Use the access-list ip_address/netmask command in the service host submode to configure the access
list, the list of hosts or networks that you want to have access to your sensor. Use the no form of the
command to remove an entry from the list. The default access list is empty.
The following hosts must have an entry in the access list:
Hosts that need to Telnet to your sensor.
Hosts that need to use SSH with your sensor.
Hosts, such as the IDM and the IME, that need to access your sensor from a web browser.
Management stations, such as the CSM, that need access to your sensor.
If your sensor is a master blocking sensor, the IP addresses of the blocking forwarding sensors must
have an entry in the list.
To modify the access list, follow these steps:
Step 1 Log in to the sensor using an account with administrator privileges.
Step 2 Enter network settings mode.
sensor# configure terminal
sensor(config)# service host
sensor(config-hos)# network-settings
 previous next