
Configuring the Interworking with IDS

To prevent internal and external attacks, configure the FW to interwork with the IDS.

Procedure

  1. Specify the IP address of the IDS in system view.

    firewall ids client ip-address

  2. Specify the port for the FW to communicate with the IDS.

    firewall ids port port-number

    By default, the FW communicates with the IDS client through port 40000.

  3. Specify the authentication method that the FW and IDS use to authenticate each other.

    firewall ids authentication type { aes256 [ key key-string ] | md5 [ key key-string ] | sha256 [ key key-string ] | none }

    By default, the FW and IDS use the aes256 authentication method to authenticate each other.

  4. Enable the interworking with the IDS.

    firewall ids enable

    By default, the interworking between the FW and IDS is disabled.

Follow-up Procedure

Run the display firewall ids command to display the IDS interworking configuration.

<sysname> display firewall ids
Firewall IDS information:
  firewall IDS: enable
  debug flag: off
  server port: 40000
  authentication type: aes256
  authentication string: %$%$n`Y1"wc#2'O*wrKzEvV>eULC%$%$

As shown in the output, the interworking with IDS is enabled, the authentication method is aes256, and the cipher-text key is %$%$n`Y1"wc#2'O*wrKzEvV>eULC%$%$.
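
The check above can be automated when the output is collected from several devices. The following script is an added example, not vendor code: it parses the display firewall ids output and reports weak settings. The function names, the finding policy (treating none and md5 as weak) and the sample text with a placeholder key are assumptions of this example.

```python
# Added example, not vendor code. Field names come from the sample output on
# this page; the policy below is an assumption of this example.
WEAK_AUTH = {
    "none": "FW and IDS do not authenticate each other",
    "md5": "MD5 is a deprecated hash; prefer sha256 or the default aes256",
}
KNOWN_AUTH = {"aes256", "sha256"} | set(WEAK_AUTH)

def parse_ids_status(text):
    """Parse the 'key: value' lines of 'display firewall ids' into a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:  # the prompt line has no colon and is skipped
            fields[key.strip().lower()] = value.strip()
    return fields

def audit_ids_status(text, expected_port=40000):
    """Return a list of findings; an empty list means the checks passed."""
    fields = parse_ids_status(text)
    findings = []
    if fields.get("firewall ids") != "enable":
        findings.append("IDS interworking is not enabled")
    auth = fields.get("authentication type", "")
    if auth in WEAK_AUTH:
        findings.append(f"authentication type {auth}: {WEAK_AUTH[auth]}")
    elif auth not in KNOWN_AUTH:
        findings.append(f"unexpected authentication type: {auth!r}")
    port = fields.get("server port", "")
    if port != str(expected_port):
        findings.append(f"server port is {port or 'missing'}, expected {expected_port}")
    return findings

# Constructed samples (cipher-text key replaced by a placeholder).
SAMPLE_DEFAULT = """<sysname> display firewall ids
Firewall IDS information:
  firewall IDS: enable
  debug flag: off
  server port: 40000
  authentication type: aes256
  authentication string: CIPHERTEXT-PLACEHOLDER
"""
SAMPLE_WEAK = SAMPLE_DEFAULT.replace("aes256", "md5").replace("40000", "4000")

if __name__ == "__main__":
    for name, sample in (("default", SAMPLE_DEFAULT), ("weak", SAMPLE_WEAK)):
        print(name, audit_ids_status(sample) or "OK")
```

Pass expected_port when the IDS side is configured for a port other than the default 40000.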

Copyright © Huawei Technologies Co., Ltd.