12-03-2001 12:10 AM - edited 02-20-2020 09:55 PM
Hi All,
Which PIX Image Version supports for IDS feature set... ? How can I update the IDS signature in the PIX ??
thanks
12-03-2001 11:53 AM
I believe the 1st Pix version to support IDS was 5.2(1) according to the Pix Release Notes.
All later version of the Pix should support IDS.
In Pix 6.0 there is support for interoperability with IDS sensors. IDS sensors are now able to connect to the Pix and change the Pix configuration to block ip addresses using a new "shun" command on the Pix.
As for updating signatures. You can configure the signatures using the ip audit command.
Refer to: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/config/sysmgmt.htm#xtocid158169
As for new signatures: The signatures are hard coded in the Pix source code and users can not add their own custom signatures. New signatures would have to be included as part of a new Pix software version.
I would suggest either calling the TAC to request that more signatures be added to the Pix IDS feature, or begin a discussion on the Pix Net Pro Forum. The IDS Net Pro Forum is primarily monitored by developers of the IDS-42xx applliances and the WS-x6381-IDS Module for the Cat 6000. To get the attention of the Pix developers I would recommend posting on the Firewall forum.
12-03-2001 05:41 PM
Hi,
thanks for you reply...btw have you ever configured VPN + NAT using cspm 232f ? I've never been successful to configure this ? I won't work VPN+NAT...How can I solve this problem... or CSPM is not intended for configuring VPN with NAT. Because I can configure VPN+NAT using CLI..
thanks
12-04-2001 04:18 PM
I'm only familiar with the CSPM 2.3.3i versions for IDS management and not the Firewall/IOS router management versions.
I'll ask around though and see if any one here is familiar.
You could also try the Firewall Forum.
12-05-2001 11:06 AM
Here's a response I got from one of the CSPM developers:
--------------------------------------------------------------------------------------
CSPM can configure VPN with NAT. It can also support NO-NAT configuration with IPSec for both PIX and IOS.
Please see the page for more info on CSPM3.0.
http://iqlas-nt2/cspm30/index.html
Please see the design guide, which describes some common customer scenarios and how-to accomplish that in CSPM3.0. All the cases contains cpm files, so it should be pretty easy to play with.
http://iqlas-nt2/CSPM30-casestudies/CSPM-30-customer-scenario.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide