5-105
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 5 Configuring Security Solutions
Configuring IDS
Step 11 Click Apply. Your new IDS sensor appears in the list of sensors on the CIDS Sensors List page.
Step 12 Click Save Configuration to save your changes.
Using the CLI to Configure IDS Sensors
Follow these steps to configure IDS sensors using the controller CLI.
Step 1 To add an IDS sensor, enter this command:
config wps cids-sensor add index ids_ip_address username password
The index parameter determines the sequence in which the controller consults the IDS sensors. The
controller supports up to five IDS sensors. Enter a number (between 1 and 5) to determine the priority
of this sensor. For example, if you enter 1, the controller consults this IDS sensor first.
Note The username must be configured on the IDS sensor and have at least a read-only privilege.
Step 2 (Optional) To specify the number of the HTTPS port through which the controller is to communicate
with the IDS sensor, enter this command:
config wps cids-sensor port index port_number
For the port-number parameter, you can enter a value between 1 and 65535. The default value is 443.
This step is optional because Cisco recommends that you use the default value of 443. The sensor uses
this value to communicate by default.
Step 3 To specify how often the controller should query the IDS server for IDS events, enter this command:
config wps cids-sensor interval index interval
For the interval parameter, you can enter a value between 10 and 3600 seconds. The default value is 60
seconds.
Step 4 To enter a 40-hexadecimal-character security key used to verify the validity of the sensor, enter this
command:
config wps cids-sensor fingerprint index sha1 fingerprint
You can get the value of the fingerprint by entering show tls fingerprint on the sensor’s console.
Note Make sure to include the colons that appear between every two bytes within the key (for
example, AA:BB:CC:DD).
Step 5 To enable or disable this controller’s registration with an IDS sensor, enter this command:
config wps cids-sensor {enable | disable} index
Step 6 To save your settings, enter this command:
save config
Step 7 To view the IDS sensor configuration, enter one of these commands:
• show wps cids-sensor summary
• show wps cids-sensor detail index
The second command provides more information than the first.
To Next Page
Loading...
Need help?
General
