IPS configured on ASA Test

Unanswered Question
Mar 2nd, 2008
User Badges:


Our supplier has configured IPS on ASA device. With changing to session mode and then making some configuration. But we are unable to test that it has been configured properly or not.

Is there any way to check wheather it has been configured properly ?

Do we need to update the signature very often ?

Any tool available to simulate a situation so that configuration can be tested ?

Link on cisco.com or experience is highly appreciated !

Thanks in advance.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rhermes Tue, 03/04/2008 - 09:36
User Badges:
  • Gold, 750 points or more

If you have remote access to the unit and are comfortable with the CLI, the "show status" family of commands will tell you what is working or not.

show stat analysis-engine

show stat virtual-sensor

show interface (see if you're getting traffic)

To test the sensor, un-retire and enable sig 2004 (echo reply). Run some pings and replies thru the sensor and look for events:

show event alert past 00:10 (shows all of your alerts for the past 10 min)


This Discussion