Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Pre-shun and Post-shun

I have not been able to find any good documentation on the pre-shun and post-shun acl functions in the blocking devices tab. Here's what I'm trying to do: I want my sensor to control and block with our isp-connected atm interface. However, when I do this, it does not allow us to use our ACL, which will prevent someone from telnet'ing to that interface from the internet! How do I add in a pre-shun acl to do this? I created an acl, put the same number in the pre-shun box, but it never uses it... it only will use the IDS acl.

1 REPLY
Cisco Employee

Re: Pre-shun and Post-shun

It sounds like either the configuration change is not being pushed to the

sensor, or there is a mis-configuration somewhere.

To determine what the problem is we would need the following:

1) the file /usr/nr/etc/managed.conf on the sensor

2) the file /usr/nr/etc/daemons on the sensor

3) the output of nrvers executed on the sensor

4) any /usr/nr/var/errors.managed.### that are on the sensor

5) the output of show run from the router.

Pls. open a TAC case and provide these files and we'll prceed from there.

Thanks,

-Mun

IDS Product Manager

100
Views
0
Helpful
1
Replies