- Cisco Home Security System User's Manual
C-26
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 7.2
OL-29168-01
Appendix C Troubleshooting
Troubleshooting the Appliance
For More Information
•
For the procedure for enabling and disabling Telnet on the sensor, see Enabling and Disabling
Telnet, page 3-5.
•
For the various ways to open a CLI session directly on the sensor, see Chapter ii, “Logging In to the
Sensor.”
•
For the procedure for changing the IP address, see Changing the IP Address, Netmask, and Gateway,
page 3-4.
•
For the procedure for changing the access list, see Correcting a Misconfigured Access List,
page C-26.
Correcting a Misconfigured Access List
To correct a misconfigured access list, follow these steps:
Step 1
Log in to the CLI.
Step 2
View your configuration to see the access list.
sensor# show configuration | include access-list
access-list 10.0.0.0/8
access-list 64.0.0.0/8
sensor#
Step 3
Verify that the client IP address is listed in the allowed networks. If it is not, add it.
sensor# configure terminal
sensor(config)# service host
sensor(config-hos)# network-settings
sensor(config-hos-net)# access-list 171.69.70.0/24
Step 4
Verify the settings.
sensor(config-hos-net)# show settings
network-settings
-----------------------------------------------
host-ip: 192.168.1.2/24,192.168.1.1 default: 10.1.9.201/24,10.1.9.1
host-name: sensor-238 default: sensor
telnet-option: enabled default: disabled
access-list (min: 0, max: 512, current: 3)
-----------------------------------------------
network-address: 10.0.0.0/8
-----------------------------------------------
network-address: 64.0.0.0/8
-----------------------------------------------
network-address: 171.69.70.0/24
-----------------------------------------------
-----------------------------------------------
ftp-timeout: 300 seconds <defaulted>
login-banner-text: <defaulted>
-----------------------------------------------
sensor(config-hos-net)#