MARS communicating w/ IPS via SSL/TLS

Answered Question
Aug 1st, 2008

testing connectivity after adding a IPS 4240 to the Mars gives an error: PN-0001:PnLogger message map not initialized. This seems to have an issue with the setup of communication using https, but I can https to the IPS from other stations.

Correct Answer by Farrukh Haroon about 8 years 6 months ago

If your sensor is 6.1 then this is a cosmetic issue. 6.1 is not officially supported. Have a look at this thread:


http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=MARS&topic=Discussions&topicID=.2cc04749&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc0e637


Please rate if helpful.


Regards


Farrukh


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Farrukh Haroon Fri, 08/01/2008 - 11:51

Try adding the trusted key of the MARS in IPS. Make sure MARS is added in the access-list of permitted IPs on the sensor (a simple way to test this is to ping the sensor from the MARS cli).


Regards


Farrukh

Farrukh Haroon Fri, 08/01/2008 - 11:58

Double check your login credentials entered in MARS, check the ACL, try deleting and re-adding the sensor in MARS.


Regards


Farrukh

f.yarnell Fri, 08/01/2008 - 12:07

I have tested the login credentials by logging into the IDM successfully from my laptop.

The ACL has the MARS IP address specifically allowed.

I have already deleted and re-added the device.


From the CLI of the MARS:

[pnadmin]$ telnet 172.16.155.253 443

Trying 172.16.155.253...

Connected to 172.16.155.253.

Escape character is 'off'.


This then will timeout. But it appears the connection occurs.


thanks in advance for your assistance.

Farrukh Haroon Fri, 08/01/2008 - 12:22

Do one thing, just simply ignore the 'test connectivity' bit and let the IPS sensor be added to MARS. Then see if you receive events from it.


Regards


Farrukh

Actions

This Discussion