
IDS 4215 not sending SHUN to PIX

adminrdkeith
Level 1

Just installed a new IDS. Have enabled several default sigs. Have telnet configured to the PIX. Have verified using (who) on the PIX and it shows the IDS. Problem: the IDS is not sending any SHUN statements to the PIX. Is there anything in the PIX I need to set to allow the SHUN to work? Not sure what to look for next. Need suggestions, please?

Thanks

2 Replies

jlively
Cisco Employee

Have you made sure an alarm is firing and sending a block request to NAC (network access controller)? Do a show events from the sensor CLI. When the alarm fires, there should also be an event requesting a shun (block).

When you enabled the sigs, what event action did you set: block connection or block host?

Looked in events; it shows no event requesting a shun.

I enabled sigs by default, selecting the (attack) option. Can't seem to find the event action to block connection or block host?

IDS 4.1 PIX 6.3(4)
