IPS在线模式实验2-Interface Pair
2012-05-28 12:30
375 查看
1.拓扑图:
2.接口配置:
R1(config)#int f0/0
R1(config-if)#ip add 10.1.1.11 255.255.255.0
R1(config-if)#no sh
R2(config)#int f0/0
R2(config-if)#ip add 10.1.1.12 255.255.255.0
R2(config-if)#no sh
R3#vlan database
R3(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
R3(vlan)#exit
APPLY completed.
Exiting....
R3(config)#int f0/0
R3(config-if)#switchport mode access
R3(config-if)#switchport access vlan 10
R3(config-if)#int f0/15
R3(config-if)#swi mo acc
R3(config-if)#swi acc vlan 10
R4#vlan data
R4(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
R4(vlan)#exit
APPLY completed.
Exiting....
R4#
R4#config t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#int f0/0
R4(config-if)#swi mo acc
R4(config-if)#swi acc vlan 20
R4(config-if)#int f0/15
R4(config-if)#swi mo acc
R4(config-if)#swi acc vlan 20
3.IPS配置:
A.确认g0/1和g/2接口都已经enabled
B.创建接口对,将g0/1和g/2接口加入接口对
C.将接口对关联到virtual sensor
4.测试:
A.在R1上连续ping R2
R1#ping 10.1.1.12 repeat 100
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 10.1.1.12, timeout is 2 seconds:
.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 99 percent (99/100), round-trip min/avg/max = 12/27/108 ms
B.在IPS上能看到攻击事件
2.接口配置:
R1(config)#int f0/0
R1(config-if)#ip add 10.1.1.11 255.255.255.0
R1(config-if)#no sh
R2(config)#int f0/0
R2(config-if)#ip add 10.1.1.12 255.255.255.0
R2(config-if)#no sh
R3#vlan database
R3(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
R3(vlan)#exit
APPLY completed.
Exiting....
R3(config)#int f0/0
R3(config-if)#switchport mode access
R3(config-if)#switchport access vlan 10
R3(config-if)#int f0/15
R3(config-if)#swi mo acc
R3(config-if)#swi acc vlan 10
R4#vlan data
R4(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
R4(vlan)#exit
APPLY completed.
Exiting....
R4#
R4#config t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#int f0/0
R4(config-if)#swi mo acc
R4(config-if)#swi acc vlan 20
R4(config-if)#int f0/15
R4(config-if)#swi mo acc
R4(config-if)#swi acc vlan 20
3.IPS配置:
A.确认g0/1和g/2接口都已经enabled
B.创建接口对,将g0/1和g/2接口加入接口对
C.将接口对关联到virtual sensor
4.测试:
A.在R1上连续ping R2
R1#ping 10.1.1.12 repeat 100
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 10.1.1.12, timeout is 2 seconds:
.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 99 percent (99/100), round-trip min/avg/max = 12/27/108 ms
B.在IPS上能看到攻击事件
相关文章推荐
- IPS在线模式实验1-VLAN Pair
- IPS杂合模式实验
- 演示:思科IPS在线模式下Inline Interface Mode的响应行为(区别各个防御行为)
- 走进清华研究生教改 | 创新教学模式,大数据硕士实验及在线课程改革与平台建设
- FPGA在线加载模式简介
- 一主两从模式如何提升新主库的切换模拟实验
- lvs集群服务的DR模式和NAT模式详解及实验
- 保护模式实验环境搭建
- ACT5.6 动手实验手册 如何在工作组模式下对客户端进行数据收集 如何在AD域环境
- 拓泰TOP CRM 为企业提供安装包和在线托管多种模式,解决企业后顾之忧!
- CCNA视频:CCNP实验八:OSPF 帧中继实验系列1:NBMA模式
- apache中配置php支持模块模式、cgi模式和fastcgi模式的实验
- (在线试用)用样本进行实验,或者在 Hyperledger Composer Web Playground 上开始实现您自己的区块链想法
- 惠州学院-数据库实验1-数据库模式设计与建立
- 在线游戏基础结构,第 1 部分: 开发高层业务描述并确定模式
- 设计模式在线教程
- 实验一熟悉路由器的配置模式,设置主机名,密码
- JSP在线聊天室——实验一之需求分析
- [笔记]Arduino平台使用US-100超声波测距模块的串口模式测距实验
- [导入]多层多数据库模式开发的实验(二)实体