Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
461
Views
0
Helpful
3
Replies

how to change the default servcie port number to be checked for the IPS sig

mahmoud.yasin
Level 1
Level 1

‎07-27-2009 02:31 AM - edited ‎03-10-2019 04:42 AM

Dear

i have an AIP-SSM (IPS) installed in a an ASA firewall.

i have configured an access-list in the firewall to forward the traffic coming from the internet toward the internal server to be checked by the IPS module.

but the case is that the services have to be checked is not the default services port numbers.

http port is 8081

oracle port is 2006

and many other services.

the question now, is how to change the default service number in the IPS in order to be checked by the corresponding service signatures?

Thanks

Labels:
0 Helpful
3 Replies 3

rhermes
Level 7
Level 7

‎07-27-2009 07:54 AM

You would set those as part of the signature variables.

http://www.cisco.com/en/US/docs/security/ips/6.1/configuration/guide/cli/cli_signature_definitions.html#wp1040009

0 Helpful

mahmoud.yasin
Level 1
Level 1
In response to rhermes

‎07-27-2009 10:26 PM

Dear Sir

thank you for your reply.

but can i use the signature variables to add a variable ports for other services than WEB Ports.

i mean that i want to add a variable service for another remote desktop port (5555). is this possible?

Thanks

0 Helpful

rhermes
Level 7
Level 7
In response to mahmoud.yasin

‎07-28-2009 07:32 AM

If you can't set a variable for the RDP port number, then your alternative is to copy the existing RDP signatures to custom (60000 and above) signatures and change the port number on them.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card