Cisco

Cisco IPS – Inline VLAN Pair mode

  1. Setup Cisco IPS on EVE

    I failed to setup Cisco IPS on EVE(ver 2.0.3-53).

    What I did: Download Cisco IPS ova file via: http://certcollection.org/forum/topic/270568-ips-4240-ver-7-unholy-darkness/page__hl__%20cisco%20%20ips (https://mega.nz/#!W99UnTIa!-3k6bQwiD_DhNCDFfL6TWlU69KoRwIYeaJE9JlDOASY)

    Did everything been listed in following instructions for IPS Interfaces http://certcollection.org/forum/topic/266792-emulating-ips-on-unl/ http://www.cznetlab.cz/index.php?cat=cciesec&subcat=unlips

    My problem is:

    Cisco IPS failed to ping anything out of it, I run traffic capture on IPS’s interface, no packet out when I execute ping command.

    Question on EVE official forum: http://www.unetlab.com/forum/viewtopic.php?f=5&t=55&sid=25184c5b3a889925218c20bffb2f180f

    The official answer is: This image is currupted and not working nor UNL nor EVE

    So, I deploy it on VMware vShpere

    1

    Setup VM networks on vShpere

    2

    Setup IPS’s networks

    3.png

    Setup EVE’s networks

    4.png

    Setup EVE Lab

    5.png

  2. Initial Cisco IPS

    I initilized the device from Cisco IPS console interface.

    6.png

    Default username/password is : cisco/ciscoips123

    then enter command ‘setup‘ to initial the device.

    The most import thing is to disable HTTPS. Cisco IPS enabled https by default which is not supported by most browsers(Chrome/Firefox/IE) now. Execute following commands:

    service web-server

    enable-tls false

    port 80

    exit

    Then access the device by http, it will prompt you to lunch IDSM (* Java required)

    7.png8.png

  3. Interface Pairs

    Before Cisco IPS Interface Pair

    9

    Add Interface Pair

    10

    After Cisco IPS Interface Pair

    11.png

  4. Bind vs

    12

  5. Lab1- Recognize ICMP as Attack

    13.png141516.png

  6. Verify

    Execute ping command on R1

    17

    Cisco IPS Event

    18.png19.png

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s