C-16
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
78-16527-01
Appendix C Troubleshooting
Troubleshooting the 4200 Series Appliance
3.
Verify that the Event Action is set to Block Host for specific signatures.
For the procedure see
Blocking Not Occurring for a Signature, page C-21
.
4.
Verify that the master blocking sensor is properly configured.
For the procedure, see
Verifying the Master Blocking Sensor Configuration, page C-22
.
Note
For a discussion of Network Access Controller architecture, see
Network Access Controller, page A-12
.
Verifying Network Access Controller is Running
To verify that Network Access Controller is running, use the
show version
command. If MainApp is not
running, Network Access Controller cannot run. Network Access Controller is part of MainApp.
Step 1
Log in to the CLI.
Step 2
Verify that MainApp is running:
sensor#
show version
Application Partition:
Cisco Intrusion Prevention System, Version 5.0(1.1)S152.0
OS Version 2.4.26-IDS-smp-bigphys
Platform: IPS-4255-K9
Serial Number: JAB0815R017
No license present
Sensor up-time is 3 days.
Using 734863360 out of 3974291456 bytes of available memory (18% usage)
system is using 17.3M out of 29.0M bytes of available disk space (59% usage)
application-data is using 35.6M out of 166.8M bytes of available disk space (23% usage)
boot is using 40.5M out of 68.6M bytes of available disk space (62% usage)
MainApp 2005_Mar_04_14.23 (Release) 2005-03-04T14:35:11-0600 Not Running
AnalysisEngine 2005_Mar_18_12.53 (Release) 2005-03-18T13:03:21-0600 Running
CLI 2005_Mar_04_14.23 (Release) 2005-03-04T14:35:11-0600
Upgrade History:
IDS-K9-sp-5.0-1.1- 12:53:00 UTC Fri Mar 18 2005
Recovery Partition Version 1.1 - 5.0(1.1)
sensor#
Step 3
If MainApp displays
Not Running
, Network Access Controller has failed. Contact the TAC.