Panos Kampanakis Fri, 11/06/2009 - 10:35
User Badges:
  • Cisco Employee,

You can use PIX/ASA and do the shun on an FWSM. The command has the same syntax on both units.

I hope it helps.


Dileep Sivadas ... Fri, 11/06/2009 - 22:33

I have used the PIX/ASA type.

At that time, the FWSM logs revealed that the IPS had initiated an SSH session to the FWSM, but no shun was happening.

I verified it with the "show shun" command.

Here the FWSM is configured in transparent mode with two BVI groups.

Both the IPS and FWSM BVI IPs are in the same management VLAN.

Is any special configuration required in transparent mode?

I will post the detailed FWSM logs this coming Monday.



Dileep Sivadas ... Mon, 11/09/2009 - 01:51

Issue solved after adding the FWSM SSH key to the IPS (known host keys).

If you do not add it, you will get a syslog message like this:

"SSH session from on interface for user "" disconnected by SSH server, reason: "TCP connection closed" (0x03)"



