I have implemented the same IDS on the PIX, however, I did not "and would not" drop informational alarms. That why you are lose connectivity. Just use the alarm option.
> > From: "Kenny Smith" > Date: 2002/12/10 Tue PM 10:18:16 EST > To: [EMAIL PROTECTED] > Subject: why lose connection after apply IDS on PIX [7:58960] > > HI... Dear Friends, > > I want to implement IDS on my PIX outside interface which facing internet. > So that I can get alarm for external attack. Below is my interface config > and global ip audit name config > > nameif ethernet0 outside security0 > nameif ethernet1 inside security100 > > ip audit name outside-info info action alarm drop > ip audit name outside-attack attack action alarm drop > > But I apply it on my outside interface as shown below..I immediately lose > connection with outside. Can't ping and connect to external network? Why? > > PIX(config)#ip audit interface outside outside-info > PIX(config)#ip audit interface outside outside-attack > > Thanks a lot > > > > > > _________________________________________________________________ > Tired of spam? Get advanced junk mail protection with MSN 8. > http://join.msn.com/?page=features/junkmail Greg Owens 202-398-2552 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58973&t=58960 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
