TippingPoint IPS开局典型配置

TippingPoint IPS开局典型配置

1.     打开电源开关，按POWER键开机（1U设备直接开机）

双电源设备，如果只使用一个电源，设备会发出告警声。按电源旁边的红色按钮，可以消除告警声

100E在打开电源开关后，可能并不能启动设备，这个时候需要长按面板上绿色的勾5秒。

2.   使用配置线与PC相连

这里采用的波特率是115200。

配置线两端都是DB9的母头。

3.   启动过程

在启动过程中不要随意敲键盘，如果无意输入任意键会使启动中断，需要输入@来继续启动。

Welcome to the TippingPoint Technologies Initial Setup wizard.

//单击任意键或使用面板上的LCD板来进行初始化操作。

Press any key to begin the Initial Setup Wizard or use the LCD panel.

You will be presented with some questions along with default values

in brackets[].  Please update any empty fields or modify them to match

your requirements.  You may press the ENTER key to keep the current

default value.  After each group of entries, you will have a chance to

confirm your settings, so don't worry if you make a mistake.

4.   选择密码强度级别,并设置超级用户和密码。

There are three security levels for specifying user names and passwords:

  Level 0: User names and passwords are unrestricted.

  Level 1: Names must be at least 6 characters long; passwords at least 8.

  Level 2: In addition to level 1 restrictions, passwords must contain:

             - at least 2 alpha characters

             - at least 1 numeric character

             - at least 1 non-alphanumeric character

Please specify a security level to be used for initial super-user name

and password creation.  As super-user, you can modify the security level

later on via Command Line Interface (CLI) or Local Security Manager (LSM).

//设置密码的强度，密码的强度一共有三级，0,1,2，强度依次增加，即密码的复杂程度要求越来越高。

Security level [2]: 0   

Please enter a user name that we will use to create your super-user

account.  Spaces are not allowed.

Name: unityone  

 //设置登录的帐号，此帐号为超级用户Super User，具有最高权限。还有其他2种帐号，Operator和Administrator。

Do you wish to accept [unityone] <Y,[N]>:y

Please enter your super-user account password:     

//设置帐号的密码

Verify password:

Saving information ...Done

Your super-user account has been created.

You may continue initial configuration by logging into your device.

After logging in, you will be asked for additional information.

The login prompt should appear in approximately 90 seconds.

........

Login: unityone    

//使用超级帐号登录系统

Password:

5.   配置管理IP等初始化参数。

Entering Setup wizard...

The host management port is used to configure and monitor this device via

a network connection (e.g., a web browser).

Enter Management IP Address [0.0.0.0]: 192.168.10.159

 //设置设备的管理IP地址

Enter Network Mask [255.255.255.0]:                 

 //设置管理IP地址的子网掩码,如果使用默认配置则直接回车。

Enter Host Name [myhostname]: TippingPoint           

//设置设备的名称

Enter Host Location [room/rack]: room

              Host IP: 192.168.10.159

         Network Mask: 255.255.255.0

            Host Name: TippingPoint

        Host Location: room

Enter [A]ccept, [C]hange, or [E]xit without saving [C]: A   

//确认设置

The default gateway is a router that enables this device to communicate with

other devices on the management network outside of the local subnet.

Do you require a default gateway? <Y,[N]>:Y

//是否需要配置管理接口的网关。

Enter Gateway IP Address (a value of 0.0.0.0 removes

  the default gateway) [0.0.0.0]: 192.168.10.254

//配置管理接口的网关

      Gateway Address: 192.168.10.254

Enter [A]ccept, [C]hange, or [E]xit without saving [C]: A   

//确认设置

Timekeeping options allow you to set the time zone, enable or disable

daylight saving time, and configure or disable SNTP.

Would you like to modify timekeeping options? <Y,[N]>:Y   

//设置时区相关配置

Enter time zone or '?' for complete list [GMT]:           

//设置时区

Automatically adjust clock for daylight saving changes? [Yes]: N

//是否自动调整夏令时

Do you want to enable the SNTP client? [No]:

//是否使用SNTP同步时间

Enter date <YYYY-MM-DD> [2006-08-29]:

//设置日期

Enter time <HH:MM:SS> in 24 hour notation [07:39:50]: 13:39:40

//设置时间

              TimeZone: GMT

           DST enabled: Yes

          SNTP enabled: No

                  Date: 2006-08-29

                  Time: 13:39:40

Enter [A]ccept, [C]hange, or [E]xit without saving [C]: a

//确认配置

Server options allow you to enable or disable each of the following servers:

SSH, Telnet, HTTPS, HTTP, and SNMP.

//设置设备可以提供用来管理的服务。

Would you like to modify the server options? <Y,[N]>:y

//是否想更改服务器选项。

Enable the SSH server? [Yes]: y   

//是否启用SSH服务

Enable the Telnet server? [No]: y   

//是否启用Telnet服务

Enable the HTTPS server ('No' disables SMS access)? [Yes]: 

//是否启用HTTPS服务，如果设备需要通过SMS（Security Management System）来集中管理，则此项服务必须启用。

Enable the HTTP server? [No]:  

//是否启用HTTP服务

HTTPS和HTTP不能同时使用，设备启动后，如果要更改这个服务需要重新启动设备。

Enable the SNMP agent ('No' disables SMS and NMS access)? [Yes]:

//是否启用SNMP Agent.

   SSH: Yes

Telnet: Yes

 HTTPS: Yes

  HTTP: No

  SNMP: Yes

Enter [A]ccept, [C]hange, or [E]xit without saving [C]: a

// 确认配置

A Network Management System (NMS) such as HP OpenView(TM) can be used to

monitor and receive traps from your TippingPoint device.

Would you like to configure a Network Management System? <Y,[N]>:n

//是否配置网管系统（SNMP V2）

You have the option to restrict access to your device by TippingPoint

Security Management Systems (SMSs) such that only an SMS at a specified

IP address can manage the device.

Would you like to restrict SMS access? <Y,[N]>:y 

//是否通过SMS集中管理

Enter Security Management System IP Address []: 192.168.10.252   

//设置SMS系统IP地址

     SMS IP address: 192.168.10.252

Enter [A]ccept, [C]hange, or [E]xit without saving [C]: a

// 确认配置

Based on your configuration of the CLI and Web servers, you can configure

or monitor this device via the management port or the serial port.

If you wish to run this wizard again, use the 'setup' command.