cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

781
Views
0
Helpful
5
Replies
Highlighted
Beginner

Signatur updates for Cisco IPS 4510

Hi there.

I one question to all cisco IDS/IPS professionals. If the management port only accept inbound traffic how can I then activate my Cisco 4510 IPS appliance to get automatically signature updates from cisco.com ? That one requires outbound traffic too. 

Thanks.

.

5 REPLIES 5
Highlighted
VIP Mentor

You Management0/0-port only supports "to-the-box" traffic which means that you can't use that port for an inline pair or a vlan-pair. But with the IP on that port configured, you can not only connect to your sensor, the sensor can also initiate connection to the rest of the network and so you can reach your update-destionations.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Highlighted
Beginner

I already configured ip address ón my management port. Will thar mean that it should be possible to inititativet trafficking from that port ?

Sent from Cisco Technical Support iPhone App

Highlighted

Yes, you can try it from CLI with the "copy"-command and a local FTP-Server. If your IP-settings are correct, then it should work.

Sent from Cisco Technical Support iPad App

Highlighted

Hi Karsten,

I cannot test with FTP because I dont have any FTP servers availeble. But when try to get updates from 

https://72.163.4.161//cgi-bin/front.x/ida/locator/locator.pl I dont see any outbound traffic from my IPS appliance. Are you sure about that the management interface can intiate outbound traffic ?

Highlighted

From the console you can ping and traceroute to test the reachability. Have you double-checked your IP-settings with the Default-Gateway for the sensor? It really should work that way.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Content for Community-Ad