Table of Contents
Advertisement
Chapter 10
Configuring the Sensor Using the CLI
Step 6
Step 7
Step 8
Step 9
Caution
Cisco IOS Software
Step 1
Step 2
Step 3
Cisco Intrusion Detection System Appliance and Module Installation and Configuration Guide Version 4.1
78-15597-02
Apply the ACL created in Step 4 to the interface selected in Step 5:
Router(config-if)# mls ip ids
Log in to the supervisor engine.
Enter privileged mode.
Console> enable
On the supervisor engine, add the IDSM-2 monitoring port (port 7 or 8) to the
VACL capture list:
Console> (enable) set security acl capture
For the IDSM-2 to capture all packets marked by the mls ip ids command, port 7
or 8 of the IDSM-2 must be a member of all VLANs to which those packets are
routed.
When you are using ports as router interfaces rather than switch ports, there is no
VLAN on which to apply a VACL.
You can use the mls ip ids command to designate which packets will be captured.
Packets that are permitted by the ACL will be captured. Those denied by the ACL
will not be captured. The permit/deny parameter does not affect whether a packet
is forwarded to destination ports. Packets coming into that router interface are
checked against the IDS ACL to determine if they should be captured.
To use the mls ip ids command to capture IDS traffic, follow these steps:
Log in to the console.
Enter privileged mode:
Router> enable
Enter configuration mode:
Router# configure terminal
IDSM-2 Configuration Tasks
word
idsm_module
port_number
/
10-97
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor and is the answer not in the manual?
Questions and answers