Hello.
I use SnortSam with the ipfw module. It works fine. A Cisco 2811 works as a border router In a local area network. I would like to use the module ciscoacl. In the configuration I've added the record:
The ciscoacl file:
After registering abnormal traffic the module ciscoacl does not work. Here is the error log:
Please help.
I use SnortSam with the ipfw module. It works fine. A Cisco 2811 works as a border router In a local area network. I would like to use the module ciscoacl. In the configuration I've added the record:
Code:
ciscoacl 192.168.0.1 user/password password1 /usr/local/etc/snortsam/ciscoacl
Code:
conf terminal
interface FastEthernet0/0
no ip access-group snort_acl in
exit
ip access-list extended snort_acl
snortsam-ciscoacl-begin
snortsam-ciscoacl-end
permit ip any any
exit
interface FastEthernet0/0
ip access-group snort-acl in
Code:
2014/04/29, 13:26:01, 192.168.0.1, 2, ciscoacl, Connected to CISCOACL at 192.168.0.1.
2014/04/29, 13:26:01, -, 3, ciscoacl, Receiving: --Username: --
2014/04/29, 13:26:22, -, 1, ciscoacl, Error: [ciscoacl] Did not receive a response from CISCOACL at Username: !