Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

IPS configured on ASA Test

Hi,

Our supplier has configured IPS on ASA device. With changing to session mode and then making some configuration. But we are unable to test that it has been configured properly or not.

Is there any way to check wheather it has been configured properly ?

Do we need to update the signature very often ?

Any tool available to simulate a situation so that configuration can be tested ?

Link on cisco.com or experience is highly appreciated !

Thanks in advance.

subodh

2 REPLIES
jim
New Member

Re: IPS configured on ASA Test

anyway you can post up your config?

here is a link that might be helpful

http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliguide.html

Gold

Re: IPS configured on ASA Test

If you have remote access to the unit and are comfortable with the CLI, the "show status" family of commands will tell you what is working or not.

show stat analysis-engine

show stat virtual-sensor

show interface (see if you're getting traffic)

To test the sensor, un-retire and enable sig 2004 (echo reply). Run some pings and replies thru the sensor and look for events:

show event alert past 00:10 (shows all of your alerts for the past 10 min)

243
Views
0
Helpful
2
Replies
CreatePlease to create content