cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
823
Views
0
Helpful
5
Replies

MARS 6.0 discovering ASA 8.0

mwesche
Level 1
Level 1

I am having trouble discovering my ASA 8.0 firewall after adding it to the "Security and Monitor Devices" section. The error message I get is related to ssh and is attached to this post as a screenshot file. I confirmed that the asa is allowing MARS to connect to it via SSH and I am using an account in TACACS+ that is valid and is able to communicate with TACACS because I'm logged into the MARS appliance with it. There is also an IPS SSM module added and this was discovered successfully. It was configured the same way. The procedure seems pretty straight forward. What am I doing wrong?

5 Replies 5

rajett
Cisco Employee
Cisco Employee

I'm getting a "Document does not exist!" message trying to view it.

Can you host it and provide a url?

Is it stopping because your banner is too long? What do you get on the screen?

RJ

Sorry, I'll post it again.

in case it doesn't, here's the error

spawn ssh -c 3des -l mwesche 10.0.250.2

ssh: connect to host 10.0.250.2 port 22: Connection refused

Error executing ssh command

I don't get it. I never had an issue with attaching a gif file before. Oh well, sorry I couldnt provide one. My error message is stated also in my last post. That is what is written to the error log when I attempt to discover the ASA.

mwesche
Level 1
Level 1

I figured out why the ASA was refusing the connectin. I allowed ssh access to the ASA from the out of band IP address of the MARS appliance. During the discovery, apparently the MARS appliance sources the discovery packets and attempts the ssh session from its eth0(main production IP address). Once I defined eth0 IP in the ssh access statements in the firewall the discovery was successful.

Thanks for the update!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: