IPS在线模式实验2-Interface Pair

1.拓扑图：





2.接口配置：

R1(config)#int f0/0

R1(config-if)#ip add 10.1.1.11 255.255.255.0

R1(config-if)#no sh

R2(config)#int f0/0

R2(config-if)#ip add 10.1.1.12 255.255.255.0

R2(config-if)#no sh

R3#vlan database

R3(vlan)#vlan 10

VLAN 10 added:

Name: VLAN0010

R3(vlan)#exit

APPLY completed.

Exiting....

R3(config)#int f0/0

R3(config-if)#switchport mode access

R3(config-if)#switchport access vlan 10

R3(config-if)#int f0/15

R3(config-if)#swi mo acc

R3(config-if)#swi acc vlan 10

R4#vlan data

R4(vlan)#vlan 20

VLAN 20 added:

Name: VLAN0020

R4(vlan)#exit

APPLY completed.

Exiting....

R4#

R4#config t

Enter configuration commands, one per line. End with CNTL/Z.

R4(config)#int f0/0

R4(config-if)#swi mo acc

R4(config-if)#swi acc vlan 20

R4(config-if)#int f0/15

R4(config-if)#swi mo acc

R4(config-if)#swi acc vlan 20

3.IPS配置：

A.确认g0/1和g/2接口都已经enabled





B.创建接口对，将g0/1和g/2接口加入接口对





C.将接口对关联到virtual sensor





4.测试：

A.在R1上连续ping R2

R1#ping 10.1.1.12 repeat 100

Type escape sequence to abort.

Sending 100, 100-byte ICMP Echos to 10.1.1.12, timeout is 2 seconds:

.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Success rate is 99 percent (99/100), round-trip min/avg/max = 12/27/108 ms

B.在IPS上能看到攻击事件