IPS在线模式实验1-VLAN Pair

1.拓扑图：





2.接口配置：

R1(config)#int f0/0

R1(config-if)#ip add 10.1.1.1 255.255.255.0

R1(config-if)#no sh

R2(config)#int f0/0

R2(config-if)#ip add 10.1.1.2 255.255.255.0

R2(config-if)#no sh

R3#vlan data

R3(vlan)#vlan 10

VLAN 10 added:

Name: VLAN0010

R3(vlan)#vlan 20

VLAN 20 added:

Name: VLAN0020

R3(vlan)#exi

APPLY completed.

Exiting....

R3#config t

Enter configuration commands, one per line. End with CNTL/Z.

R3(config)#int f0/0

R3(config-if)#swi mod acc

R3(config-if)#swi acc vlan 10

R3(config-if)#int f0/1

R3(config-if)#swi mod acc

R3(config-if)#swi acc vlan 20

R3(config-if)#int f0/15

R3(config-if)#swi mod trun

R3(config-if)#swi mod trunk

R3(config-if)#

*Mar 1 00:01:57.307: %DTP-5-TRUNKPORTON: Port Fa0/15 has become dot1q trunk

R3(config-if)#

3.IPS配置：

A.确认g0/1接口已经enabled





B.添加VLAN Pair





C.将接口对关联到virtual sensor





4.测试：

A.在R1上连续ping R2

R1#ping 10.1.1.2 repeat 100

Type escape sequence to abort.

Sending 100, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:

.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Success rate is 99 percent (99/100), round-trip min/avg/max = 4/38/512 ms

R1#

B.在IPS上能看到攻击事件