IOS firewall and IPS

lfarago1
Level 1

There is a 2811 security router configured and there is a web server behind it, accessible from the internet.

We want to run a stress test from the internet to the web server to see where the router and web server pair has its limits. However, the router cuts off the stress test correctly, as it is similar to a DoS attack.

Is it possible to make exceptions in the protection for some public IP addresses from which we want to run stress tests?

1 Reply

lfarago1
Level 1

New discoveries by myself: the stress test was not stopped by the IPS function; it was actually stopped by the IOS firewall's "maximum incomplete TCP sessions to a host" function, and access to the host was banned completely for 10 minutes (info found in syslog). I adjusted its settings as required and further testing will be done later.

In IPS I defined an IPS filter to relieve the required source IP address for testing, exempting it from checks.

If anyone feels like adding something, you are welcome.
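
One way to confirm from syslog the cause described in the reply above, as an added example that is not part of the original thread: the script tallies the IOS firewall's per-host half-open TCP alerts and block episodes, so a load-test cutoff can be attributed to this threshold rather than to IPS. The log lines are constructed, and their layout is assumed to follow Cisco's documented `%FW-4-HOST_TCP_ALERT_ON`, `%FW-4-BLOCK_HOST` and `%FW-4-UNBLOCK_HOST` messages.

```python
import re

IP = r"(\d{1,3}(?:\.\d{1,3}){3})"
ALERT = re.compile(r"%FW-4-HOST_TCP_ALERT_ON: Max tcp half-open connections \((\d+)\) exceeded for host " + IP)
BLOCK = re.compile(r"%FW-4-BLOCK_HOST: Blocking new TCP connections to host " + IP + r" for (\d+) minutes?")
UNBLOCK = re.compile(r"%FW-4-UNBLOCK_HOST: New TCP connections to host " + IP + r" no longer blocked")

# Constructed sample lines (not from the post); addresses are documentation ranges.
# Assumed message layout: Cisco's documented %FW-4 half-open host messages.
SAMPLE_LOG = """\
*Mar  3 10:15:02.113: %FW-4-HOST_TCP_ALERT_ON: Max tcp half-open connections (50) exceeded for host 192.0.2.10.
*Mar  3 10:15:02.117: %FW-4-BLOCK_HOST: Blocking new TCP connections to host 192.0.2.10 for 10 minutes (half-open count 50 exceeded)
*Mar  3 10:16:11.004: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (203.0.113.5)
*Mar  3 10:25:02.120: %FW-4-UNBLOCK_HOST: New TCP connections to host 192.0.2.10 no longer blocked
*Mar  3 11:02:47.530: %FW-4-HOST_TCP_ALERT_ON: Max tcp half-open connections (500) exceeded for host 192.0.2.10.
"""


def _entry(hosts, ip):
    """Create or fetch the per-host record."""
    return hosts.setdefault(
        ip, {"alerts": 0, "last_threshold": None, "blocks": [], "blocked_now": False}
    )


def summarize(log_text):
    """Per protected host: alert count, last threshold, block durations, open block."""
    hosts = {}
    for line in log_text.splitlines():
        if m := ALERT.search(line):
            rec = _entry(hosts, m.group(2))
            rec["alerts"] += 1
            rec["last_threshold"] = int(m.group(1))
        elif m := BLOCK.search(line):
            rec = _entry(hosts, m.group(1))
            rec["blocks"].append(int(m.group(2)))  # block time in minutes
            rec["blocked_now"] = True
        elif m := UNBLOCK.search(line):
            _entry(hosts, m.group(1))["blocked_now"] = False
    return hosts


if __name__ == "__main__":
    for host, rec in summarize(SAMPLE_LOG).items():
        state = "STILL BLOCKED" if rec["blocked_now"] else "reachable"
        print(f"{host}: {rec['alerts']} alert(s), threshold {rec['last_threshold']}, "
              f"blocks (min) {rec['blocks']}, {state}")
```

An alert without a following block line, as in the last sample entry, indicates the threshold was crossed while no block time was in effect.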
