Cisco IPS 6.0 - 4240 Sensor

Unanswered Question
Sep 20th, 2007

I am unable to manage the IPS 4240 sensor. I can ping the management interface, but could not connect thru SSL, SSH. Telnet to port 443 fails but telnet to port 80 is fine. Traffic flowing normally through sensing interfaces. I have already changed the IPS box, but no luck. The error wich can be read from log file of the sensor is "Cid/E errTransport WebSession::sessionTask TLS connection exception: handshake incomplete".

Thsi issue is intermittent - it comes back live automatically an dgets disabled after sometime. I ahve checked router, firewalla dn other components in between.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mhellman Thu, 09/20/2007 - 07:17

It is plausible that you would get that error if you try to telnet to the sensor on port 443. the sensor should not even be listening on port 80 unless the default config was changed, so I'm not sure what's going on there. Are you always connecting from the same source IP address?

Use a tool like nmap to do a SYN scan against the management interface of the sensor. In particular, scan ports 22,80 and 443.

Log into the sensor using the service account and run ifconfig. Are there any errors on the management interface?

Actions

This Discussion