Disabling Blocking - Cisco 4215 - Intrusion Detection Sys Sensor Configuration Manual

Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0 (78-16527-01), Chapter 10: Configuring Blocking, page 10-6

Configuring Blocking Properties

-----------------------------------------------
-----------------------------------------------
never-block-hosts (min: 0, max: 250, current: 1)
-----------------------------------------------
ip-address: 11.11.11.11
-----------------------------------------------
-----------------------------------------------
never-block-networks (min: 0, max: 250, current: 1)
-----------------------------------------------
ip-address: 12.12.0.0/16
-----------------------------------------------
-----------------------------------------------
block-hosts (min: 0, max: 250, current: 0)
-----------------------------------------------
--MORE--

Step 8
Exit network access submode:
sensor(config-net-gen)# exit
sensor(config-net)# exit
Apply Changes:?[yes]:

Step 9
Press Enter to apply the changes or type no to discard them.

Disabling Blocking

Use the block-enable [true | false] command in the service network access submode to enable or disable blocking on the sensor.

By default, blocking is enabled on the sensor. If Network Access Controller is managing a device and you need to manually configure something on that device, you should disable blocking first. You want to avoid a situation in which both you and Network Access Controller could be making a change at the same time on the same device. This could cause the device and/or Network Access Controller to crash.

Caution
If you disable blocking for maintenance on the devices, make sure you enable it after the maintenance is complete or the network will be vulnerable to attacks that would otherwise be blocked.

Note
While blocking is disabled, Network Access Controller continues to receive blocks and track the time on active blocks, but will not apply new blocks or remove blocks from the managed devices. After blocking is reenabled, the blocks on the devices are updated.

To disable blocking, follow these steps:

Step 1
Log in to the CLI using an account with administrator privileges.

Step 2
Enter network access submode:
sensor# configure terminal

Step 3
Enter general submode:
sensor(config-net)# general
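A post-maintenance check for the Caution in the Disabling Blocking section, as an added example that is not part of the Cisco guide: it parses saved show settings text in the list layout shown on this page and reports when blocking was left disabled or the capture is incomplete. The sample text is constructed, and the format of the block-enable line is an assumption.

```python
import re

# Constructed sample of saved `show settings` text. The list sections follow the
# layout shown on this page; the `block-enable:` line format is an assumption.
SAMPLE = """\
block-enable: false default: true
-----------------------------------------------
never-block-hosts (min: 0, max: 250, current: 1)
-----------------------------------------------
ip-address: 11.11.11.11
-----------------------------------------------
never-block-networks (min: 0, max: 250, current: 1)
-----------------------------------------------
ip-address: 12.12.0.0/16
-----------------------------------------------
block-hosts (min: 0, max: 250, current: 0)
-----------------------------------------------
"""

SECTION = re.compile(r"^([\w-]+) \(min: \d+, max: \d+, current: (\d+)\)$")
SETTING = re.compile(r"^([\w-]+): (\S+)")

def parse_settings(text):
    """Return (scalars, lists); lists maps section name -> {'current': n, 'entries': [...]}."""
    scalars, lists, section = {}, {}, None
    for line in map(str.strip, text.splitlines()):
        if not line or set(line) == {"-"} or line == "--MORE--":
            continue  # separators and pager prompts carry no data
        if m := SECTION.match(line):
            section = m.group(1)
            lists[section] = {"current": int(m.group(2)), "entries": []}
        elif (m := SETTING.match(line)) and m.group(1) == "ip-address" and section:
            lists[section]["entries"].append(m.group(2))
        elif m:
            scalars[m.group(1)] = m.group(2)
    return scalars, lists

def audit(text):
    """Return findings to clear before closing a maintenance window."""
    scalars, lists = parse_settings(text)
    state = scalars.get("block-enable")
    findings = []
    if state is None:
        findings.append("block-enable not found: capture may be truncated")
    elif state != "true":
        findings.append(f"block-enable is {state}: new blocks are not being applied")
    findings += [f"{n}: header says {s['current']}, parsed {len(s['entries'])}"
                 for n, s in lists.items() if s["current"] != len(s["entries"])]
    return findings
```

An empty list from audit() means the capture shows blocking enabled and every list section complete; a capture cut off at --MORE-- is reported rather than passed.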
