Pre-shun and Post-shun

csimpson
Level 1

I have not been able to find any good documentation on the pre-shun and post-shun ACL functions in the blocking devices tab. Here's what I'm trying to do: I want my sensor to control and block with our ISP-connected ATM interface. However, when I do this, it does not allow us to use our ACL, which will prevent someone from telnet'ing to that interface from the internet! How do I add in a pre-shun ACL to do this? I created an ACL, put the same number in the pre-shun box, but it never uses it... it only will use the IDS ACL.

1 Reply

mhossain
Cisco Employee

It sounds like either the configuration change is not being pushed to the sensor, or there is a misconfiguration somewhere.

To determine what the problem is we would need the following:

1) the file /usr/nr/etc/managed.conf on the sensor

2) the file /usr/nr/etc/daemons on the sensor

3) the output of nrvers executed on the sensor

4) any /usr/nr/var/errors.managed.### that are on the sensor

5) the output of show run from the router.

Pls. open a TAC case and provide these files and we'll proceed from there.

Thanks,

-Mun

IDS Product Manager