×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ios ids

Unanswered Question
Jun 2nd, 2003
User Badges:

10.1.1.0/24(e0) | r1 | 192.168.1.0/24 (s0)

i'd like to enable r1 cbac & ids

I configured cbac as below.

By the way, do not know whether must apply ids direction how.

1.Telnet & web traffic that enter to inbound from outside using ids monitor do wish to .

2.Web traffic that leave interior wishes to do inspect.

r1

ip ins name fw tcp

ip ins name fw http

int e0

descrytion internal

ip address 10.1.1.254 255.255.255.0

ip access-group 100 in

ip ins fw in

int s0

descrytion external

ip address 192.168.1.254 255.255.255.0

ip access-group 110 in


access-list 100 per tcp 10.1.1.0 0.0.0.255 an eq 23

access-list 100 per tcp 10.1.1.0 0.0.0.255 an eq 80


access-list 110 per icmp any any

access-list 110 den ip any any

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ywadhavk Tue, 06/03/2003 - 05:28
User Badges:
  • Cisco Employee,

Hi,

The 'ip audit' i.e. the IDS monitoring should be applied to the outside interface in the IN direction. So in your case, the ip audit rule should be applied to the int s0 in the IN direction.


Please use the below guide for procedure to configure the IOS IDS.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scfids.htm


Hope this helps,

Thanks,

yatin

Actions

This Discussion