- Preface
- Getting Started
- Configuring Dashboards
- Using the Startup Wizard
- Setting Up the Sensor
- Configuring Interfaces
- Configuring Policies
- Defining Signatures
- Using the Signature Wizard
- Configuring Event Action Rules
- Configuring Anomaly Detection
- Configuring Global Correlation
- Configuring SSH and Certificates
- Configuring Attack Response Controller for Blocking and Rate Limiting
- Managing Time-Based Actions
- Configuring SNMP
- Configuring External Product Interfaces
- Managing the Sensor
- Monitoring the Sensor
- Initializing the Sensor
- Logging In to the Sensor
- Understanding Cisco IPS Software
- Upgrading, Downgrading, and Installing System Images
- System Architecture
- Signature Engines
- Troubleshooting
- Open Source License Files
- Glossary
- Index
Cisco Intrusion Prevention System Device Manager Configuration Guide for IPS 7.1
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- Updated:
- October 21, 2014
Chapter: Logging In to the Sensor
Logging In to the Sensor
Note
All IPS platforms allow ten concurrent CLI sessions.
This chapter explains how to log in to the various Cisco IPS platforms, and contains the following sections:
Supported User Roles
You can log in with the following user privileges:
The service role does not have direct access to the CLI. Service account users are logged directly into a bash shell. Use this account for support and troubleshooting purposes only. Unauthorized modifications are not supported and will require the sensor to be reimaged to guarantee proper operation. You can create only one user with the service role.
When you log in to the service account, you receive the following warning:
Note The service role is a special role that allows you to bypass the CLI if needed. Only a user with administrator privileges can edit the service account.
- For more information on the service account, see Understanding the Service Account.
- For the procedures for adding and deleting users, see Adding, Editing, Deleting Users, and Creating Accounts.
Logging In to the Appliance
Note You can log in to the appliance from a console port. The currently supported Cisco IPS appliances are the IPS 4240, IPS 4255, and IPS 4260 [IPS 7.0(x) and later and IPS 7.1(5) and later], IPS 4270-20 [IPS 7.1(3) and later], IPS 4345 and IPS 4360 [IPS 7.1(3) and later], and IPS 4510 and IPS 4520 [IPS 7.1(4) and later].
To log in to the appliance, follow these steps:
Connect a console port to the sensor to log in to the appliance.
Step 2 Enter your username and password at the login prompt.
Note The default username and password are both cisco. You are prompted to change them the first time you log in to the appliance.You must first enter the UNIX password, which is cisco. Then you must enter the new password twice.
- For the procedure for connecting an appliance to a terminal server, see Connecting an Appliance to a Terminal Server.
- For the procedure for using the setup command to initialize the appliance, see Chapter19, “Initializing the Sensor”
Connecting an Appliance to a Terminal Server
A terminal server is a router with multiple, low speed, asynchronous ports that are connected to other serial devices. You can use terminal servers to remotely manage network equipment, including appliances. To set up a Cisco terminal server with RJ-45 or hydra cable assembly connections, follow these steps:
Connect to a terminal server using one of the following methods:
- For terminal servers with RJ-45 connections, connect a rollover cable from the console port on the appliance to a port on the terminal server.
- For hydra cable assemblies, connect a straight-through patch cable from the console port on the appliance to a port on the terminal server.
Step 2 Configure the line and port on the terminal server. In enable mode, enter the following configuration, where # is the line number of the port to be configured.
Step 3 Be sure to properly close a terminal session to avoid unauthorized access to the appliance. If a terminal session is not stopped properly, that is, if it does not receive an exit(0) signal from the application that initiated the session, the terminal session can remain open. When terminal sessions are not stopped properly, authentication is not performed on the next session that is opened on the serial port.
Logging In to the ASA 5500 AIP SSM
You log in to the ASA 5500 AIP SSM from the adaptive security appliance.
To session in to the ASA 5500 AIP SSM from the adaptive security appliance, follow these steps:
Log in to the adaptive security appliance.
Note If the adaptive security appliance is operating in multi-mode, use the change system command to get to the system level prompt before continuing.
Step 2 Session to the ASA 5500 AIP SSM. You have 60 seconds to log in before the session times out.
Step 3 Enter your username and password at the login prompt.
Note The default username and password are both cisco. You are prompted to change them the first time you log in to the module. You must first enter the UNIX password, which is cisco. Then you must enter the new password twice.
Step 4 To escape from a session and return to the adaptive security appliance prompt, do one of the following:
Logging In to the ASA 5500-X IPS SSP
You log in to the ASA 5500-X IPS SSP from the adaptive security appliance.
To session in to the ASA 5500-X IPS SSP from the adaptive security appliance, follow these steps:
Log in to the adaptive security appliance.
Note If the adaptive security appliance is operating in multi-mode, use the change system command to get to the system level prompt before continuing.
Step 2 Session to the IPS. You have 60 seconds to log in before the session times out.
Step 3 Enter your username and password at the login prompt.
Note The default username and password are both cisco. You are prompted to change them the first time you log in to the module. You must first enter the UNIX password, which is cisco. Then you must enter the new password twice.
Step 4 To escape from a session and return to the adaptive security appliance prompt, do one of the following:
Logging In to the ASA 5585-X IPS SSP
You log in to the ASA 5585-X IPS SSP from the adaptive security appliance.
To session in to the ASA 5585-X IPS SSP from the adaptive security appliance, follow these steps:
Log in to the adaptive security appliance.
Note If the adaptive security appliance is operating in multi-mode, use the change system command to get to the system level prompt before continuing.
Step 2 Session to the ASA 5585-X IPS SSP. You have 60 seconds to log in before the session times out.
Step 3 Enter your username and password at the login prompt.
Note The default username and password are both cisco. You are prompted to change them the first time you log in to the module. You must first enter the UNIX password, which is cisco. Then you must enter the new password twice.
Step 4 To escape from a session and return to the adaptive security appliance prompt, do one of the following:
Using Telnet or SSH to Log In
Note After you have initialized the sensor using the setup command and enabled Telnet, you can use SSH or Telnet to log in to the sensor.
To log in to the sensor using Telnet or SSH, follow these steps:
To log in to the sensor over the network using SSH or Telnet.
Step 2 Enter your username and password at the login prompt.
Feedback