From: Stefan Grey (examplebrain@hotmail.com)
Date: Wed Sep 06 2006 - 16:20:51 ART
Hello guys. I have spent the last 1.5 days unsuccessfully trying to configure
shunning on the IDS in different topologies. Could you please suggest what
I should do, or what I am doing wrong in configuring shunning??
My steps are as follows:
--r1----r2
|
Pc----IDS
The topology is just as in the link below
http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_example09186a00801c0e3c.shtml
I couldn't configure shunning on either the PIX or the router.
The only difference from what is in the example and in the workbooks
was that I accessed the IDS through port 80 and not the default 443. So the
IEV was also connected using port 443 and http. Could it be the reason??
In the example, what do these lists 199, 198 do??
I have no ideas. Everything is pingable and telnetable with correct passwords.
On the IDS, the signature with telnet and the word "test" and Shun Host, severity
high, is configured. Also logical device R1, block on R1 (the interface which is
going to R2). (And the pre, after ACLs are 198, 199).
Any ideas? Has anybody configured shunning before?? What tricks are there
to make it work?? Could it be a bug in the IDS?? Should I clear the
config on it??
Thanks.