02-04-2009 10:46 AM
I am having trouble discovering my ASA 8.0 firewall after adding it to the "Security and Monitor Devices" section. The error message I get is related to ssh and is attached to this post as a screenshot file. I confirmed that the asa is allowing MARS to connect to it via SSH and I am using an account in TACACS+ that is valid and is able to communicate with TACACS because I'm logged into the MARS appliance with it. There is also an IPS SSM module added and this was discovered successfully. It was configured the same way. The procedure seems pretty straight forward. What am I doing wrong?
02-04-2009 01:18 PM
I'm getting a "Document does not exist!" message trying to view it.
Can you host it and provide a url?
Is it stopping because your banner is too long? What do you get on the screen?
RJ
02-06-2009 06:44 AM
02-06-2009 06:56 AM
I don't get it. I never had an issue with attaching a gif file before. Oh well, sorry I couldnt provide one. My error message is stated also in my last post. That is what is written to the error log when I attempt to discover the ASA.
02-06-2009 07:10 AM
I figured out why the ASA was refusing the connectin. I allowed ssh access to the ASA from the out of band IP address of the MARS appliance. During the discovery, apparently the MARS appliance sources the discovery packets and attempts the ssh session from its eth0(main production IP address). Once I defined eth0 IP in the ssh access statements in the firewall the discovery was successful.
02-06-2009 09:59 AM
Thanks for the update!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: