cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1368
Views
0
Helpful
9
Replies

SDM 2.4 and IPS V5

ynyng
Level 1
Level 1

Does V5 IPS not work with SDM? I get the message "IPS not supported" using IOS 12.4(11)T1. CLI show IPS working.

1 Accepted Solution

Accepted Solutions

ymzhang
Level 1
Level 1

SDM need 12.4(11)T2 or later image to support IOS IPS in 5.x signature format due to some issues in IOS.

For 12.4(11)T1, the best option is to use CLI for now.

Also please refer http://www.cisco.com/en/US/products/ps6634/products_white_paper0900aecd805c4ea8.shtml

Thanks,

-Chris

View solution in original post

9 Replies 9

ymzhang
Level 1
Level 1

SDM need 12.4(11)T2 or later image to support IOS IPS in 5.x signature format due to some issues in IOS.

For 12.4(11)T1, the best option is to use CLI for now.

Also please refer http://www.cisco.com/en/US/products/ps6634/products_white_paper0900aecd805c4ea8.shtml

Thanks,

-Chris

Thank you Chris!

any time! -Chris

juan_m_12
Level 1
Level 1

hi, i got the same issue, with IOS c2800nm-advipservicesk9-mz.124-11.T1.bin image, i will need to read the full document mentionated above

thanks

Hi,

Is anyone else having high memory issues when using ver 5? I have installed on a 1801 with 128 M memory. It only has 4 M free now. Is there a way to reduce the active signatures? I have disbaled some but the number of active is still at 338.

Thanks,

Scott

you can use IOS IPS CLI to retire un-needed signatures.

ip ips signature-definition

signature 3307 0

status

retired true

Be sure to answer yes to the prompt when exiting the CLI configuration.

Do you want to accept these changes? [confirm]y

Once a signature is retired, it wont be compiled by IOS IPS.

-Chris

hi,

what is different between "retired ture/false" and "enabled ture/false", thanks

When a signature is retired, it is no longer processed by the engine, saving memory.

When a signature is disabled, it is still processed by the engine, but will not display alerts when it is triggered.

thank you.

Review Cisco Networking for a $25 gift card