I'm testing IDSM2 witht the lateset IOS on a CAT 6504 with SUP72010GE. The setup is using the promiscouse mode VACL, and traffic is being captured by the IDSM2 i can see the traffic in the Event Dasboard etc. I wish to configure the IDS to send a tcp reset for the attacks. Under IPS Policies with the actions i added the Reset TCP Connection. But I'm Stuck There.
From the documentation that i reviewed it was stated that i need to assign another interface for the tcp reset and allow the vlan\s that i'm capturing.
The comments in the User Guide only apply to Cat OS, and only apply to promiscuous mode.
Cat OS provides multiple different config options that could prevent TCP resets from working properly, however in Native IOS with the special "intrusion-detection module" commands take care of these issues automatically without the user having to do
anything. The IDSM2 has two data ports (a.k.a. "sensing interfaces"), and a separate tcp-reset interface. In native IOS you do not need to configure the tcp-reset interface, either on the IDSM2 or on the switch. It is automatically added to all necessary vlans by the switch.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :