Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
469
Views
0
Helpful
2
Replies

IPS configured on ASA Test

bapatsubodh
Level 1
Level 1

‎03-02-2008 07:42 PM - edited ‎03-10-2019 04:01 AM

Hi,

Our supplier has configured IPS on ASA device. With changing to session mode and then making some configuration. But we are unable to test that it has been configured properly or not.

Is there any way to check wheather it has been configured properly ?

Do we need to update the signature very often ?

Any tool available to simulate a situation so that configuration can be tested ?

Link on cisco.com or experience is highly appreciated !

Thanks in advance.

subodh

Labels:
0 Helpful
2 Replies 2

jim
Level 1
Level 1

‎03-03-2008 10:42 AM

anyway you can post up your config?

here is a link that might be helpful

http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliguide.html

0 Helpful

rhermes
Level 7
Level 7

‎03-04-2008 09:36 AM

If you have remote access to the unit and are comfortable with the CLI, the "show status" family of commands will tell you what is working or not.

show stat analysis-engine

show stat virtual-sensor

show interface (see if you're getting traffic)

To test the sensor, un-retire and enable sig 2004 (echo reply). Run some pings and replies thru the sensor and look for events:

show event alert past 00:10 (shows all of your alerts for the past 10 min)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card