C-15
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
78-16527-01
Appendix C Troubleshooting
Troubleshooting the 4200 Series Appliance
Step 8
Start the IPS services:
sensor#
cids start
Step 9
Log in to an account with administrator privileges.
Step 10
Reboot the sensor:
sensor#
reset
Warning: Executing this command will stop all applications and reboot the node.
Continue with reset? [yes]:
yes
Request Succeeded.
sensor#
Bad Memory on IDS-4250-XL
Some IDS-4250-XLs were shipped with faulty DIMMs on the XL cards. The faulty DIMMs cause the
sensor to hang or SensorApp to stop functioning and generate a core file.
For the procedure for checking IDS-4250-XL for faulty memory, see the
Partner Field 52563
.
Blocking
This section provides troubleshooting help for blocking and the Network Access Controller service. It
contains the following topics.
•
Troubleshooting Blocking, page C-15
•
Verifying Network Access Controller is Running, page C-16
•
Verifying Network Access Controller Connections are Active, page C-17
•
Device Access Issues, page C-18
•
Verifying the Interfaces and Directions on the Network Device, page C-19
•
Enabling SSH Connections to the Network Device, page C-20
•
Blocking Not Occurring for a Signature, page C-21
•
Verifying the Master Blocking Sensor Configuration, page C-22
Troubleshooting Blocking
After you have configured Network Access Controller, you can verify if it is running properly by using
the
show version
command. To verify that Network Access Controller is connecting to the network
devices, use the
show statistics network-access
command.
To troubleshoot Network Access Controller, follow these steps:
1.
Verify that Network Access Controller is running.
For the procedure see
Verifying Network Access Controller is Running, page C-16
.
2.
Verify that Network Access Controller is connecting to the network devices.
For the procedure see
Verifying Network Access Controller Connections are Active, page C-17
.