cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
810
Views
0
Helpful
2
Replies

Cisco Security Manager using ACS and IPS Sensors

bgl-group
Level 1
Level 1

I thought I was being clever here and integrated my CSM server with IPS.

This has had two side effects - the first is it has trashed all the devices previously loaded into the system - so effectively I have a blank server. Not that big a problem as we only started using it a month ago but annoying anyway.

Second it now has an objection to installing the IPS sensors as they are not registered in ACS. Not that you can to be honest.

So how would I go about fixing this or is it just remove the ACS integration and go back to manual accounts on this box?

I did try adding one of the IPS sensors to ACS but after 30 minutes it still isn't registering?

Very puzzled.

Giles Cooper

2 Replies 2

bgl-group
Level 1
Level 1

Found the problem.

There are two databases one for TACACS authenticated devices and one for local authenticated devices.

I created a ACS entry for every IPS sensor, and then deleted the device records from ACS (Local authentication).

Converted to ACS mode and then reloaded each device back to the CSM database. Interesting use of a friday afternoon but it does work.

FYI,

There is a document for Cisco Security Manager - Integration with ACS.

https://supportforums.cisco.com/docs/DOC-15674

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: