|[ LiB ]|
The IDS Sensor enables you to use four different methods to access and configure the system using the CLI. Those access methods include using Telnet, Secure Shell (SSH), a console port, or a standard keyboard and video monitor. Figure 7.1 diagrams the use of these methods .
Using the console port is the easiest way to access the CLI, and it typically is the connection method used to initially set up the sensor. This connection requires the use of a terminal emulator such as Microsoft Windows HyperTerminal, with the com port properties settings configured as shown in Figure 7.2, and a console rollover cable.
A rollover cable is a standard serial cable used to configure Cisco devices via the console port. You can see this cable's pin configuration on Cisco's Web site, http://www.cisco.com.
To access the CLI using Telnet, you must configure a required list of allowed trusted hosts using a command called accessList . To access the CLI using SSH, you must generate an SSH key and have an SSH client running on your computer. Here is a list of possible SSH clients you can choose from:
SSH Secure Shell for Workstations
Tera Term Pro
The IDS 4.0 supports SSH versions 1 and 2.
PuTTY Configuration is a simple client utility for connecting to Telnet or SSH hosts such as an IDS sensor. PuTTYGen is another utility offered by Simon Tatham; you use it to generate public and private keys for Rivest Shamir Adleman (RSA) connections.
You can access some IDS sensors, such as 4235 and 4250, using a keyboard and video monitor that are directly connected to the sensor. However, not all keyboards and video monitors are supported by Cisco. Here is a short list of some of the keyboards and monitors that Cisco supports:
Keyboard KeyTronic E03601QUS201-C
Keyboard KeyTronic LT DESIGNER
Monitor MaxTech XT-7800
Monitor Dell D1025HT
The IDS-4215 does not have keyboard and monitor ports, as do the IDS-4235 and IDS-4250. The only way to initially configure the IDS-4215, therefore, is by using the console port.
|[ LiB ]|