The situation is the following:IPS device
- IPS4260 7.0(6)E4ARC device - 6500 IOS 12.2(33)SXI5 6500 has 2 Internet
connections - vlan2 and vlan11 are according L3 interfaces.IPS works in
promiscious mode, traffic captured using VACL capture on vlan2 and vlan11.the
servers which must be protected are in vlan 8, i need to setup outgoing block
ACL on Vlan8 L3 interface. I have two problems wiht this configurtion:1)IPS
didnot enter blocked hosts and connections into the ACL. I see that
the ACL on intreface is regualrly changed from IDS_Vlan8_out_1 to
IDS_Vlan8_out_0, but no block entries are added .2)if I to try read running
config i regularly got the warning that the configration is not accesible.
How often the IPS should change the block ACls?Why it doesn't add the Block
entries? Thanks for any clue
RegardsVladislav Yezhergin
Blogs and organic groups at http://www.ccie.net
Received on Wed Oct 05 2011 - 16:46:51 ART
This archive was generated by hypermail 2.2.0 : Tue Nov 15 2011 - 13:10:29 ART