Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
781
Views
10
Helpful
5
Replies

IPS 4240 - configuration

egain.com
Level 1
Level 1

‎07-24-2006 05:01 PM - edited ‎03-10-2019 03:07 AM

hi

I have IPS 4240 - ver 5.0.2 . I am not able to start admin console from any other host other than those on the same network (class C). I have configured allowed host properly in the config. Please suggest.

Please direct me to any url where the setup/configuration has been explained in detail.

thanks.

regards

Rakesh

=====

Labels:
0 Helpful
5 Replies 5

edadios
Cisco Employee
Cisco Employee

‎07-24-2006 05:15 PM

Please do run setup and try to modify the access list like below.

For exaple to allow network in the 192.168.1.0 255.255.255.0 range:

Modify current access list?[no]: yes

Current access list entries:

[1] 10.0.0.0/8

Delete:

Permit:192.168.1.0/24

This is documented here:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids11/cliguide/cliinit.htm#wp1031114

The other thing to check is wether there is some sort of firewall/filter in the path from the other network defined to the sensor for https port you configured.

Hope this helps.

marcabal
Cisco Employee
Cisco Employee
In response to edadios

‎07-25-2006 06:43 AM

Also ensure that your default gateway is correct.

When running setup the ip address, netmask, and default gateway are entered in this format:

/,

example:

10.1.1.30/24,10.1.1.1

If the default gateway is not configured correctly, then the sensor will be able to talk with other hosts in the same network, but won't be able to send packets to any other network.

Compare the default gateway setting on the sensor with the setting on other machines in the same network.

egain.com
Level 1
Level 1
In response to marcabal

‎07-25-2006 03:46 PM

Thanks all.

Finally found the problem. It was due to IP clashing with my sniffer laptop which was put last week for temp usage.

Can anybody say, what would be the best way to collect and analyse the events? Is it possible to set email notifications? Thanks again.

regards

Rakesh

======

0 Helpful

marcabal
Cisco Employee
Cisco Employee
In response to egain.com

‎07-25-2006 07:24 PM

Depends on the number of sensors.

For large deployments CS MARS is recommended for event viewing. It is an enterprise class viewer that can handle large deployments of sensors.

But is also an additional purchase cost.

For small deployments IEV is recommended for event viewing. It handles between 1 and 5 sensors. It is available for no additional charge as part of the standard maintenance contracts for the sensor:

http://www.cisco.com/cgi-bin/tablebuild.pl/ips-ev

CS MARS does support sending email notifications.

IEV does not yet support sending email notifications (feature request is in review).

The sensor itself does not send email notifications, however the sensor can be configured to send SNMP traps. Many SNMP receiver tools are able to generate email notifications from the SNMP traps.

egain.com
Level 1
Level 1
In response to marcabal

‎07-26-2006 08:24 AM

Thanks a lot for this info. It will help.

The last question.. - how to update the signaturres?

thanks

regards

Rakesh

=====

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card