5-30
Cisco Wireless LAN Controller Configuration Guide
OL-9141-03
Chapter 5 Configuring Security Solutions
Configuring IDS
Using the GUI to View Shunned Clients
Follow these steps to view the list of clients that the IDS sensors have identified to be shunned using the
controller GUI.
Step 1 Click Security and then Shunned Clients under CIDS. The CIDS Shun List page appears (see
Figure 5-12).
Figure 5-12 CIDS Shun List Page
This page shows the IP address and MAC address of each shunned client, the length of time that the
client’s data packets should be blocked by the controller as requested by the IDS sensor, and the IP
address of the IDS sensor that discovered the client.
Step 2 Click Re-sync to purge and reset the list as desired.
Using the CLI to View Shunned Clients
Follow these steps to view the list of clients that the IDS sensors have identified to be shunned using the
controller CLI.
Step 1 To view the list of clients to be shunned, enter this command:
show wps shun-list
Step 2 To force the controller to sync up with other controllers in the mobility group for the shun list, enter this
command:
config wps shun-list re-sync
Configuring IDS Signatures
You can configure IDS signatures, or bit-pattern matching rules used to identify various types of attacks
in incoming 802.11 packets, on the controller. When the signatures are enabled, the access points joined
to the controller perform signature analysis on the received 802.11 data or management frames and
report any discrepancies to the controller.
To Next Page
Loading...
Need help?
General
