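Basic debugging of the IDS module
I was debugging the IDS module on a 7600 at a customer site. Following material I found online, I entered the IDS module and set its IP address with setup, but I could not ping it from the 7600 no matter what I tried, and I could not find any relevant material online either. After several days of trial and error the configuration succeeded. The steps are as follows:
1. On the 7600, set the VLAN used to communicate with the IDS module (this is the step I could not find out how to configure earlier)
router(config)# intrusion-detection module *** management-port access-vlan
2. On the 7600, configure an IP address on that VLAN so it can communicate with the IDS module
3. Enter the IDS module and configure it; most settings use the default values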
session slot 2 pro 1
setup
router# session slot module_number processor 1
idsm-2# ping network_ip_address
Promiscuous mode
Inline mode (inline bridging)
Inline VLAN pair mode
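4. Configure Java. When logging in to the IDS with the IE browser, it reported insufficient memory. At first I thought the memory really was too small. Later I found that it was a Java parameter problem.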
Java Plug-In on Windows
To change the settings of Java Plug-in on Windows for Java Plug-in 1.4.2 and 1.5, follow these steps:
--------------------------------------------------------------------------------
Step 1 Close all instances of Internet Explorer or Netscape.
Step 2 Click Start > Settings > Control Panel.
Step 3 If you have Java Plug-in 1.4.2 installed:
a. Click Java Plug-in.
The Java Plug-in Control Panel appears.
b. Click the Advanced tab.
c. Type -Xmx256m in the Java RunTime Parameters field.
d. Click Apply and exit the Java Control Panel.
Step 4 If you have Java Plug-in 1.5 installed:
a. Click Java.
The Java Control Panel appears.
b. Click the Java tab.
c. Click View under Java Applet Runtime Settings.
The Java Runtime Settings Panel appears.
d. Type -Xmx256m in the Java Runtime Parameters field and then click OK.
e. Click OK and exit the Java Control Panel.
5. On the 7600, configure the VLANs to be monitored
Step 1 Log in to the console.
Step 2 Enter global configuration mode:
router# configure terminal
Step 3 Set the source interfaces for the monitor session:
router(config)# monitor session (session_number) source interface interface/port_number [, | - | rx | tx | both]
Example:
router(config)# monitor session 1 source interface GigabitEthernet2/23 both
Step 4 Enable an IDSM-2 data port as a SPAN destination:
router(config)# monitor session (session_number) destination intrusion-detection-module module_number data-port a_port_number
Example:
router(config)# monitor session 1 destination intrusion-detection-module 9 data-port 1
Step 5 Make sure autostate is included for the data port:
router(config)# intrusion-detection-module module_number data-port data_port_number autostate include
Example:
router(config)# intrusion-detection-module 9 data-port 1 autostate include
This allows the switch virtual interface to stay up if the data port is the only port in the VLAN. The default is no include. For more information on autostate, refer to “Autostate Feature,” in Catalyst 6500
Series Software Configuration Guide, 8.5.
Step 6 (Optional) Enable PortFast for the data port:
router(config)# intrusion-detection-module module_number data-port data_port_number portfast
Example:
router(config)# intrusion-detection-module 9 data-port 1 portfast enable
The default is disabled. For more information on PortFast, refer to “Configuring Spanning Tree PortFast,
UplinkFast, and BackboneFast,” in Catalyst 6500 Series Software Configuration Guide, 8.5.
Step 7 (Optional) To disable the monitor session:
router(config)# no monitor session session_number
Step 8 (Optional) To filter the SPAN session so that only certain VLANs are seen from switch port trunks:
router(config)# monitor session (session_number) {filter vlan {vlan_ID} [, | - ]}
Example:
router(config)# monitor session 1 filter vlan 146
Step 9 Exit configuration mode:
router(config)# exit
Step 10 To show current monitor sessions:
router# show monitor session session_number
Example:
router# show monitor session 1
Session 1
---------
Type : Local Session
Source Ports :
Both : Gi2/23
Destination Ports : intrusion-detection-module 9 data-port 1
---------------------------------------------------------------
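As an added example (not part of the original post or of Cisco's documentation), the following Python script parses the "show monitor session" output shown in Step 10 and checks that the SPAN session really delivers the expected source ports to the IDSM-2 data port, which is the precondition for the sensor seeing any traffic in promiscuous mode. The function names are hypothetical, and the embedded sample is the output from this page.

```python
import re

# Constructed sample: the "show monitor session 1" output from Step 10 of the page.
SAMPLE = """\
Session 1
---------
Type : Local Session
Source Ports :
Both : Gi2/23
Destination Ports : intrusion-detection-module 9 data-port 1
"""
DEST_RE = re.compile(r"intrusion-detection-module\s+(\d+)\s+data-port\s+(\d+)")

def parse_monitor_session(text):
    """Parse one session of 'show monitor session' output into a dict."""
    session = {"type": None, "sources": {}, "destination": None}
    in_sources = False
    for raw in text.splitlines():
        if ":" not in raw:
            continue  # "Session N" header, separator or blank line
        key, value = (part.strip() for part in raw.split(":", 1))
        if key == "Type":
            session["type"] = value
        elif key == "Source Ports":
            in_sources = True  # direction sub-lines follow
        elif key == "Destination Ports":
            in_sources, session["destination"] = False, value
        elif in_sources and value:
            # Direction sub-line such as "Both : Gi2/23"
            session["sources"][key] = [p.strip() for p in value.split(",")]
    return session

def check_idsm_span(session, module, data_port, expected_sources):
    """Return a list of problems; empty means the IDSM-2 data port is fed as expected."""
    problems = []
    m = DEST_RE.fullmatch(session["destination"] or "")
    if not m:
        problems.append("destination is not an IDSM-2 data port")
    elif (int(m.group(1)), int(m.group(2))) != (module, data_port):
        problems.append("destination is module %s data-port %s" % m.groups())
    seen = {p for ports in session["sources"].values() for p in ports}
    for port in sorted(set(expected_sources) - seen):
        problems.append("source %s is not mirrored" % port)
    return problems

if __name__ == "__main__":
    parsed = parse_monitor_session(SAMPLE)
    print(parsed)
    print(check_idsm_span(parsed, 9, 1, ["Gi2/23"]) or "OK")
```
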
Step 1 Log in to the console.
Step 2 Reset IDSM-2:
router# hw-module module module-number reset [hdd:1 | cf:1]