C-18
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
78-16527-01
Appendix C Troubleshooting
Troubleshooting the 4200 Series Appliance
Step 7
Make sure the interface and directions for each network device are correct.
For the procedure, see
Verifying the Interfaces and Directions on the Network Device, page C-19
.
Step 8
If the network device is using SSH-DES or SSH-3DES, make sure that you have enabled SSH
connections to the device.
For the procedure, see
Enabling SSH Connections to the Network Device, page C-20
.
Step 9
Verify that each interface and direction on each controlled device is correct.
For the procedure see
Verifying the Interfaces and Directions on the Network Device, page C-19
.
Device Access Issues
Network Access Controller may not be able to access the devices it is managing. Make sure the you have
the correct IP address and username and password for the managed devices and the correct interface and
direction configured.
Note
SSH devices must support SSH 1.5. The sensor does not support SSH 2.0.
To troubleshoot device access issues, follow these steps:
Step 1
Log in to the CLI.
Step 2
Verify the IP address for the managed devices:
sensor#
configure terminal
sensor (config)#
service network-access
sensor(config-net)#
show settings
general
-----------------------------------------------
log-all-block-events-and-errors: true <defaulted>
enable-nvram-write: false <defaulted>
enable-acl-logging: false <defaulted>
allow-sensor-block: false <defaulted>
block-enable: true <defaulted>
block-max-entries: 250 <defaulted>
max-interfaces: 250 <defaulted>
master-blocking-sensors (min: 0, max: 100, current: 0)
-----------------------------------------------
-----------------------------------------------
never-block-hosts (min: 0, max: 250, current: 0)
-----------------------------------------------
-----------------------------------------------
never-block-networks (min: 0, max: 250, current: 0)
-----------------------------------------------
-----------------------------------------------
block-hosts (min: 0, max: 250, current: 0)
-----------------------------------------------
-----------------------------------------------
block-networks (min: 0, max: 250, current: 0)
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
user-profiles (min: 0, max: 250, current: 1)
-----------------------------------------------
profile-name: r7200
-----------------------------------------------