Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1214
Views
3
Helpful
5
Replies

Advise IPS on a Cisco 877

whiteford
Level 1
Level 1

‎05-11-2008 05:15 AM - edited ‎03-10-2019 04:06 AM

Hi,

I am using the SDM and noticed my home 877 can use IPS. Can anyone offer some advise on how to set up IPS on this router, I just want to get something basic running then I can learn from that.

I have 2 interfaces, the dialer 1 (outside) and VLAN1 (inside), should IPS be on both or just the outside?

Labels:
0 Helpful
5 Replies 5

whiteford
Level 1
Level 1
In response to kmccourt

‎05-14-2008 11:59 PM

Thanks, so I don't have to pay for the IPS signatures etc, I have an accoutn to download from Cisco?

0 Helpful

kmccourt
Level 1
Level 1
In response to whiteford

‎05-15-2008 12:08 PM

No.

0 Helpful

rhermes
Level 7
Level 7
In response to whiteford

‎05-15-2008 01:20 PM

You don't have to pay for the router based IOS IPS signatures yet. But next year there will be a license requirement in order to even run the IPS feature (not just to upgrade signatures). Fortunately Cisco has a FREE Cisco License Manager to help you with all your new licensing requirements.

http://www.cisco.com/en/US/products/ps7138/index.html

0 Helpful

whiteford
Level 1
Level 1
In response to rhermes

‎05-16-2008 12:56 AM

Hi,

This really helped, but I have a few questions.

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/prod_white_paper0900aecd8066d265.html

I followed the document, but how do I know it's all working? :) I'm very new to IPS.

I have 2 interfaces:

dialer1 - outside interface

vlan1 - inside

I applied the IPS to the inbound side of dialer 1 is this right?

Also page 13 has a screenshot of all the signatures, inmy SDM it's all blank.

877# sh ip ips con

IPS Signature File Configuration Status

Configured Config Locations: flash:/IPS/

Last signature default load time: 09:28:28 BST May 16 2008

Last signature delta load time: -none-

Last event action (SEAP) load time: -none-

General SEAP Config:

Global Deny Timeout: 3600 seconds

Global Overrides Status: Enabled

Global Filters Status: Enabled

IPS Auto Update is not currently configured

IPS Syslog and SDEE Notification Status

Event notification through syslog is enabled

Event notification through SDEE is enabled

IPS Signature Status

Total Active Signatures: 377

Total Inactive Signatures: 1887

IPS Packet Scanning and Interface Status

IPS Rule Configuration

IPS name sdm_ips_rule

IPS fail closed is disabled

IPS deny-action ips-interface is false

Fastpath ips is enabled

Quick run mode is enabled

Interface Configuration

Interface Dialer1

Inbound IPS rule is sdm_ips_rule

Outgoing IPS rule is not set

IPS Category CLI Configuration:

Category all:

Retire: True

Category ios_ips basic:

Retire: False

877# sh ip ips signature

Cisco SDF release version S333.0

Trend SDF release version V0.0

Just some little pointers would be so much help

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card