Solved

Router/Firewall question...

Posted on 2003-11-18
5
313 Views
Last Modified: 2010-04-17
I have a cisco 1760 router with the IP/FW/IDS/3DES IOS 12.3
I have a T1 connection to the internet which is NAT'd to the internal network.

Can anyone show me an example config using the FW/IDS with logging if possible!

Thanks!
0
Comment
Question by:MadMatt2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 3

Expert Comment

by:sheahmed
ID: 9776604
you have a hardware IDS Network Module installed?

refer to the Cisco Intrusion Detection System (IDS) Hardware and Software Version 4.1 Documentation Guide that shipped with your IDS router module. It is at the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/15593_01.htm
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 9781768
I don't think you have an IDS module in your 1700 router. Most likely the IDS features as part of the FW IOS...
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scfids.htm

To setup logging, log to a host:
!
logging trap <level> [1-7]
logging host a.b.c.d  <-- ip address of syslog server
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/fun_r/cfr_1g04.htm#1032279

You can get a free syslog server deamon from Kiwi
http://www.kiwisyslog.com
0
 
LVL 5

Expert Comment

by:epylko
ID: 9790511
Make sure you apply your audit rule to whatever interface(s) you want to have the IDS s/w check. I've seen tons of configurations where people create the rules but then don't apply them to interfaces.

-Eric
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9790782
MaddMatt, my apologies for this, but...

Eric, nice to see you around...
Can you answer this:
http://www.experts-exchange.com/Networking/Q_20800321.html#9781898


0
 
LVL 5

Expert Comment

by:epylko
ID: 9791827
Sure. Go there and check out my response...
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month6 days, 22 hours left to enroll

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question