Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1561
Views
3
Helpful
2
Replies

IDS Shunning on a PIX

andy
Level 1
Level 1

‎12-10-2004 02:41 PM - edited ‎03-10-2019 01:10 AM

I have a IDS 4215 that I configured a PIX blocking device on. It appears to be set up correctly, but I am not sure how I can confirm the setup. Are there any methods to confirm its configuration? Thanks in advance.

Labels:
0 Helpful
2 Replies 2

jlively
Cisco Employee
Cisco Employee

‎12-10-2004 08:28 PM

There are several ways. Log into the cli on the sensor and do a show stat net. You should see the pix listed with a status of active. Next log into the pix. Do a show shun and you should see all current shuns. (NOTE: The active shuns are also shown in the show stat net output for comparison.) In order for the sensor to create shuns on the pix, signatures have to be configured to either shun/block host or shun/block connection (but not both). You can use IDM to create a manual shun if you are not generating automatic alarms.

andy
Level 1
Level 1
In response to jlively

‎12-13-2004 05:47 AM

OK, thanks. the show stat net command echoed back some good info. The PIX shows no active shuns, but I assume that is because there is nothing happening at the moment. Thanks for your post.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card