AIP-SSM POSPF not working at all

Answered Question
Feb 9th, 2008
User Badges:

Hi,


I want to configure the passive os detection on a ASA-SSM10, i tried to configure from IDM from CLI but still no results. The Learned OS window is empty.


CLI output:


os-identification

-----------------------------------------------

calc-arr-for-ip-range: 0.0.0.0-255.255.255.255 default: 0.0.0.0-255.255.255.255

configured-os-map (ordered min: 0, max: 50, current: 0 - 0 active, 0 inactive)

-----------------------------------------------

passive-traffic-analysis: Enabled default: Enabled

-----------------------------------------------



sh os-identification vs0 learned

No mappings available for the requested parameters.




The IPS version is 6.0(3)E1.


Any ideas?

Thanks!

Correct Answer by marcabal about 9 years 2 months ago

There is a known issue with Passive OS Fingerprinting on the SSMs.

CSCsi52422


The problem has been fixed and will be available in an upcoming 6.0(4) Service Pack.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
gfullage Sun, 02/10/2008 - 21:10
User Badges:
  • Cisco Employee,

Your configuration is OK, I have the exact same in mine and OS learning is working fine. Are you sure your SSM is seeing traffic from the ASA, have you set up a service policy to direct traffic to it?


Do "sho service-policy" on the ASA and make sure it is actually sending data to the SSM.

oszkari Mon, 02/11/2008 - 00:50
User Badges:

Hi


Yes, all traffic is redirected to SSM, with a permit any class map.


The signature detection is working fine, I have problem only with the OS learning.



Correct Answer
marcabal Mon, 02/11/2008 - 08:07
User Badges:
  • Cisco Employee,

There is a known issue with Passive OS Fingerprinting on the SSMs.

CSCsi52422


The problem has been fixed and will be available in an upcoming 6.0(4) Service Pack.


Actions

This Discussion