IOS firewall and IPS

Unanswered Question
Mar 21st, 2008

There is a 2811 security router configured, and there is a web server behind it, accessible from the internet.

We want to run a stress test from the internet against the web server to see where the router and web server pair have their limits. However, the router correctly cuts off the stress test, as it is similar to a DoS attack.

Is it possible to make exceptions in protection for some public IP addresses from where we want to run stress tests?

lfarago1 Fri, 03/21/2008 - 07:02

New discoveries of my own: the stress test was not stopped by the IPS function; it was actually stopped by the IOS firewall's "maximum incomplete TCP sessions to a host" function, and access to the host was banned completely for 10 minutes (info found in syslog). I adjusted its settings as required, and further testing will be done later.

In IPS I defined an IPS filter to relieve the required source IP address for testing, exempting it from checks.

If anyone would like to add something, you are welcome.
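
An added example, not part of the original post: a short Python script that scans router syslog for the IOS firewall's per-host half-open block and unblock messages, to confirm that this limit rather than IPS is what cut off a load test. The log lines are constructed, and their wording (`%FW-2-BLOCK_HOST`, `%FW-4-UNBLOCK_HOST`) is an assumption modelled on the IOS firewall message format; compare it with your own syslog before relying on the patterns.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines. The message wording is an assumption modelled
# on IOS firewall (CBAC) syslog; addresses (RFC 5737), times and the limit of 50
# are made up. The 10-minute block time matches the post.
SAMPLE_LOG = """\
Mar 21 06:41:02: %FW-4-HOST_TCP_ALERT_ON: Max tcp half-open connections (50) exceeded for host 192.0.2.10.
Mar 21 06:41:02: %FW-2-BLOCK_HOST: Blocking new TCP connections to host 192.0.2.10 for 10 minutes (half-open count 50 exceeded).
Mar 21 06:44:30: %SYS-5-CONFIG_I: Configured from console by admin on vty0
Mar 21 06:51:02: %FW-4-UNBLOCK_HOST: New TCP connections to host 192.0.2.10 no longer blocked
Mar 21 07:05:11: %FW-2-BLOCK_HOST: Blocking new TCP connections to host 192.0.2.10 for 10 minutes (half-open count 50 exceeded).
"""

BLOCK = re.compile(r"%FW-2-BLOCK_HOST: Blocking new TCP connections to host "
                   r"(?P<host>\d+\.\d+\.\d+\.\d+) for (?P<minutes>\d+) minutes? "
                   r"\(half-open count (?P<limit>\d+) exceeded\)")
UNBLOCK = re.compile(r"%FW-4-UNBLOCK_HOST: New TCP connections to host "
                     r"(?P<host>\d+\.\d+\.\d+\.\d+) no longer blocked")


def summarize_blocks(log_text):
    """Return {protected_host: {"blocks", "minutes", "limit", "still_blocked"}}."""
    hosts = defaultdict(lambda: {"blocks": 0, "minutes": 0, "limit": None,
                                 "still_blocked": False})
    for line in log_text.splitlines():
        m = BLOCK.search(line)
        if m:
            entry = hosts[m["host"]]
            entry["blocks"] += 1                  # one block event per message
            entry["minutes"] += int(m["minutes"])  # configured block time
            entry["limit"] = int(m["limit"])       # half-open limit that tripped
            entry["still_blocked"] = True
            continue
        m = UNBLOCK.search(line)
        if m and m["host"] in hosts:
            hosts[m["host"]]["still_blocked"] = False
    return dict(hosts)


if __name__ == "__main__":
    for host, info in summarize_blocks(SAMPLE_LOG).items():
        state = "blocked at end of log" if info["still_blocked"] else "unblocked"
        print(f"{host}: {info['blocks']} block(s), {info['minutes']} min total, "
              f"half-open limit {info['limit']}, {state}")
```

The host in these messages is the protected destination (here the web server), so a block affects every client, not only the test source.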
