
IDS in PIX Cisco Firewall

wongsusanto
Level 1

Hi All,

Which PIX image version supports the IDS feature set? How can I update the IDS signatures in the PIX?

thanks

4 Replies

marcabal
Cisco Employee

I believe the 1st Pix version to support IDS was 5.2(1) according to the Pix Release Notes.

All later versions of the Pix should support IDS.

In Pix 6.0 there is support for interoperability with IDS sensors. IDS sensors are now able to connect to the Pix and change the Pix configuration to block IP addresses using a new "shun" command on the Pix.

As for updating signatures: you can configure the signatures using the ip audit command.

Refer to: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/config/sysmgmt.htm#xtocid158169

As for new signatures: The signatures are hard coded in the Pix source code and users can not add their own custom signatures. New signatures would have to be included as part of a new Pix software version.

I would suggest either calling the TAC to request that more signatures be added to the Pix IDS feature, or begin a discussion on the Pix Net Pro Forum. The IDS Net Pro Forum is primarily monitored by developers of the IDS-42xx appliances and the WS-x6381-IDS Module for the Cat 6000. To get the attention of the Pix developers I would recommend posting on the Firewall forum.

Hi,

Thanks for your reply... btw, have you ever configured VPN + NAT using cspm 232f? I've never been successful in configuring this. It won't work with VPN+NAT... How can I solve this problem... or is CSPM not intended for configuring VPN with NAT? Because I can configure VPN+NAT using the CLI.

thanks

I'm only familiar with the CSPM 2.3.3i versions for IDS management and not the Firewall/IOS router management versions.

I'll ask around though and see if anyone here is familiar.

You could also try the Firewall Forum.

Here's a response I got from one of the CSPM developers:

--------------------------------------------------------------------------------------

CSPM can configure VPN with NAT. It can also support NO-NAT configuration with IPSec for both PIX and IOS.

Please see the page for more info on CSPM3.0.

http://iqlas-nt2/cspm30/index.html

Please see the design guide, which describes some common customer scenarios and how to accomplish that in CSPM3.0. All the cases contain cpm files, so it should be pretty easy to play with.

http://iqlas-nt2/CSPM30-casestudies/CSPM-30-customer-scenario.html
