Table of Contents
Advertisement
Chapter A
Troubleshooting
sensor(config-sig-sig)# exit
sensor(config-sig)# exit
Apply Changes:?[yes]:
Press Enter to apply the changes or type
Step 5
Verifying the Master Blocking Sensor Configuration
To verify that a master blocking sensor is set up properly or to troubleshoot a master blocking sensor
that is not set up properly, you can use the show statistics network-access command. Make sure that
the forwarding sensor is set up as TLS trusted host if the remote master blocking sensor is using TLS for
web access.
To verify a master blocking sensor configuration, follow these steps:
Log in to the CLI.
Step 1
View the ARC statistics and verify that the master blocking sensor entries are in the statistics.
Step 2
sensor# show statistics network-access
Current Configuration
AllowSensorShun = false
ShunMaxEntries = 250
MasterBlockingSensor
State
ShunEnable = true
ShunnedAddr
If the master blocking sensor does not show up in the statistics, you need to add it.
Step 3
Initiate a manual block to a bogus host IP address to make sure the master blocking sensor is initiating
Step 4
blocks.
sensor# configure terminal
sensor(config)# service network-access
sensor(config-net)# general
sensor(config-net-gen)# block-hosts 10.16.0.0
Exit network access general submode.
Step 5
sensor(config-net-gen)# exit
sensor(config-net)# exit
Apply Changes:? [yes]:
Press Enter to apply the changes or type
Step 6
Verify that the block shows up in the ARC statistics.
Step 7
sensor# show statistics network-access
Current Configuration
AllowSensorShun = false
ShunMaxEntries = 100
State
ShunEnable = true
OL-18504-01
SensorIp = 10.89.149.46
SensorPort = 443
UseTls = 1
Host
IP = 122.122.122.44
ShunMinutes = 60
MinutesRemaining = 59
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0
to discard them.
no
to discard them.
no
Troubleshooting the Appliance
A-45
- Quick Links:
- Table of Contents
- How the Sensor Functions
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
