- Cisco Network Router User's Manual
E-37
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
Appendix E Troubleshooting
Troubleshooting the Appliance
For More Information
For more information on IPS system architecture, refer to System Architecture.
Verifying ARC Connections are Active
If the State is not
Active
in the ARC statistics, there is a problem.
To verify that the State is Active in the statistics, follow these steps:
Step 1
Log in to the CLI.
Step 2
Verify that the ARC is connecting. Check the State section of the output to verify that all devices are
connecting.
sensor# show statistics network-access
Current Configuration
LogAllBlockEventsAndSensors = true
EnableNvramWrite = false
EnableAclLogging = false
AllowSensorBlock = false
BlockMaxEntries = 250
MaxDeviceInterfaces = 250
NetDevice
Type = Cisco
IP = 10.89.147.54
NATAddr = 0.0.0.0
Communications = telnet
BlockInterface
InterfaceName = fa0/0
InterfaceDirection = in
State
BlockEnable = true
NetDevice
IP = 10.89.147.54
AclSupport = uses Named ACLs
Version = 12.2
State = Active
sensor#
Step 3
If the ARC is not connecting, look for recurring errors.
sensor# show events error hh:mm:ss month day year | include : nac
Example
sensor# show events error 00:00:00 Apr 01 2011 | include : nac
Step 4
Make sure you have the latest software updates.
sensor# show version
Application Partition:
Cisco Intrusion Prevention System, Version 7.1(3)E4
Host:
Realm Keys key1.0
Signature Definition:
Signature Update S605.0 2011-10-25
OS Version: 2.6.29.1
Platform: ASA5585-SSP-IPS10
Serial Number: 123456789AB
No license present