cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
441
Views
0
Helpful
4
Replies

AIP-SSM and Wireless Controller integration error

plao
Cisco Employee
Cisco Employee

Having problem with TLS connection from controller to AIP-SSM. The response cide from IPS to the controller suppose to be 0 but I am getting 35.

TLS fingerprint matches between AIP-SSM and configuration on the controller. And connectivity is good between Controller and AIP-SSM and the time is sync between the two also.

AIP-SSM is Version 6.0(4)

Error log from AIP-SSM:

evError: eventId=1221057394278884465 vendor=Cisco severity=error

originator:

hostId: labips

appName: cidwebserver

appInstanceId: 393

time: February 13, 2009 1:58:39 PM UTC offset=0 timeZone=GMT-08:00

errorMessage: WebSession::sessionTask TLS connection exception: handshake incomplete. name=errTransport

(Cisco Controller) >debug wps cids enable

*Feb 13 14:24:50.982: cidsSdeeCallback is called

*Feb 13 14:24:50.983: cidsProcessSdeeQuery: ip=10.100.1.6,port=443 state=1 interval=10

*Feb 13 14:24:50.983: cidsQuerySend: https://10.100.1.6:443/cgi-bin/transaction-server?command=getShunEntryList

*Feb 13 14:24:50.983: curlHandle is c6facec

*Feb 13 14:24:50.983: Perform on curlHandle c6facec ...

*Feb 13 14:24:50.990: ssl_sensor_verify_callback: verifying cert from sensor

*Feb 13 14:24:50.990: Cert fingerprint verified

*Feb 13 14:24:50.995: Response code is 35

*Feb 13 14:25:00.565: cidsSdeeCallback is called

*Feb 13 14:25:00.565: cidsProcessSdeeQuery: ip=10.100.1.6,port=443 state=1 interval=10

*Feb 13 14:25:00.565: cidsQuerySend: https://10.100.1.6:443/cgi-bin/transaction-server?command=getShunEntryList

*Feb 13 14:25:00.566: curlHandle is c6facec

*Feb 13 14:25:00.566: Perform on curlHandle c6facec ...

*Feb 13 14:25:00.572: ssl_sensor_verify_callback: verifying cert from sensor

*Feb 13 14:25:00.573: Cert fingerprint verified

*Feb 13 14:25:00.577: Response code is 35

*Feb 13 14:25:10.145: cidsSdeeCallback is called

*Feb 13 14:25:10.146: cidsProcessSdeeQuery: ip=10.100.1.6,port=443 state=1 interval=10

*Feb 13 14:25:10.146: cidsQuerySend: https://10.100.1.6:443/cgi-bin/transaction-server?command=getShunEntryList

*Feb 13 14:25:10.146: curlHandle is c6facec

*Feb 13 14:25:10.146: Perform on curlHandle c6facec ...

*Feb 13 14:25:10.153: ssl_sensor_verify_callback: verifying cert from sensor

*Feb 13 14:25:10.153: Cert fingerprint verified

*Feb 13 14:25:10.158: Response code is 35

*Feb 13 14:25:19.743: cidsSdeeCallback is called

*Feb 13 14:25:19.743: cidsProcessSdeeQuery: ip=10.100.1.6,port=443 state=1 interval=10

*Feb 13 14:25:19.743: cidsQuerySend: https://10.100.1.6:443/cgi-bin/transaction-server?command=getShunEntryList

*Feb 13 14:25:19.744: curlHandle is c6facec

*Feb 13 14:25:19.744: Perform on curlHandle c6facec ...

*Feb 13 14:25:19.750: ssl_sensor_verify_callback: verifying cert from sensor

*Feb 13 14:25:19.751: Cert fingerprint verified

*Feb 13 14:25:19.755: Response code is 35

4 Replies 4

plao
Cisco Employee
Cisco Employee

p.s Controller release is 5.2

Did you run the "TLS Trusted Host" command on the module?

plao
Cisco Employee
Cisco Employee

Yes

plao
Cisco Employee
Cisco Employee

did all the steps on the AIP-SSM and on the controller per the configuration guide

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: