Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ios ids

10.1.1.0/24(e0) | r1 | 192.168.1.0/24 (s0)

i'd like to enable r1 cbac & ids

I configured cbac as below.

By the way, do not know whether must apply ids direction how.

1.Telnet & web traffic that enter to inbound from outside using ids monitor do wish to .

2.Web traffic that leave interior wishes to do inspect.

r1

ip ins name fw tcp

ip ins name fw http

int e0

descrytion internal

ip address 10.1.1.254 255.255.255.0

ip access-group 100 in

ip ins fw in

int s0

descrytion external

ip address 192.168.1.254 255.255.255.0

ip access-group 110 in

access-list 100 per tcp 10.1.1.0 0.0.0.255 an eq 23

access-list 100 per tcp 10.1.1.0 0.0.0.255 an eq 80

access-list 110 per icmp any any

access-list 110 den ip any any

1 REPLY
Cisco Employee

Re: ios ids

Hi,

The 'ip audit' i.e. the IDS monitoring should be applied to the outside interface in the IN direction. So in your case, the ip audit rule should be applied to the int s0 in the IN direction.

Please use the below guide for procedure to configure the IOS IDS.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scfids.htm

Hope this helps,

Thanks,

yatin

97
Views
0
Helpful
1
Replies
CreatePlease to create content