# SnortSam+ipfw+ciscoacl



## perzzoffka (May 28, 2014)

Hello.

I use SnortSam with the ipfw module. It works fine. A Cisco 2811 works as a border router In a local area network. I would like to use the module ciscoacl. In the configuration I've added the record:

```
ciscoacl 192.168.0.1 user/password password1 /usr/local/etc/snortsam/ciscoacl
```
The ciscoacl file:

```
conf terminal
interface FastEthernet0/0
no ip access-group snort_acl in
exit
ip access-list extended snort_acl
snortsam-ciscoacl-begin
snortsam-ciscoacl-end
permit ip any any
exit
interface FastEthernet0/0
ip access-group snort-acl in
```
After registering abnormal traffic the module ciscoacl does not work. Here is the error log:

```
2014/04/29, 13:26:01, 192.168.0.1, 2, ciscoacl, Connected to CISCOACL at 192.168.0.1.
2014/04/29, 13:26:01, -, 3, ciscoacl, Receiving: --Username: --
2014/04/29, 13:26:22, -, 1, ciscoacl, Error: [ciscoacl] Did not receive a response from CISCOACL at Username:  !
```
Please help.


----------

