Cannot connect to IPS - 7.1(8p1)E4.

Unanswered Question
Feb 21st, 2014

Guys, this is my first attempt at setting up IPS and I am obviously missing a trick. No matter what IP address I apply to the sensor, I cannot attach.

I am expecting to be able to attach to the IPS via the FW inside interface. Thanks in advance.


ASA - 192.168.205.2

GW - 192.168.205.1

IDS - 192.168.205.3



Mod  Card Type                                    Model              Serial No.
---- -------------------------------------------- ------------------ -----------
0      ASA 5525-X with SW, 8 GE Data, 1 GE Mgmt, AC ASA5525          
ips     ASA 5525-X IPS Security Services Processor   ASA5525-IPS       
cxsc   Unknown                                      N/A               


Removed the name from the config as per the instructions


interface GigabitEthernet0/1
duplex full
nameif INSIDE
security-level 100
ip address 192.168.205.2 255.255.255.0


interface Management0/0
management-only
no nameif
security-level 100
ip address 192.168.1.1 255.255.255.0



Tried the following IP settings. Even tried 192.168.205.3/24,192.168.205.2 (ASA inside)


service host

network-settings

host-ip 192.168.1.1/24,192.168.1.2

host-name xxxx-IPS

telnet-option disabled

sshv1-fallback enabled

access-list 192.168.0.0/16

access-list 192.168.1.0/24



service host

network-settings

host-ip 192.168.205.3/24,192.168.205.1

host-name RLJEUK-IPS

telnet-option disabled

sshv1-fallback enabled

access-list 192.168.0.0/16

access-list 192.168.1.0/24      


Traffic is obviously detected but I am missing something


Interface Statistics

   Total Packets Received = 616301

   Total Bytes Received = 48071478

   Missed Packet Percentage = 0

MAC statistics from interface Management0/0

   Interface function = Command-control interface

   Description =

   Media Type = TX

   Default Vlan = 0

   Link Status = Up

   Link Speed = Auto_1000

   Link Duplex = Auto_Full

   Total Packets Received = 0

   Total Bytes Received = 0

   Total Multicast Packets Received = 0

   Total Receive Errors = 0

   Total Receive FIFO Overruns = 0

   Total Packets Transmitted = 2850

   Total Bytes Transmitted = 119700

   Total Transmit Errors = 0

   Total Transmit FIFO Overruns = 0

MAC statistics from interface PortChannel0/0

   Interface function = Sensing interface

   Description =

   Media Type = backplane

   Default Vlan = 0

   InlineMode = Unpaired

   Pair Status = N/A

   Hardware Bypass Capable = No

   Hardware Bypass Paired = N/A

   Link Status = Up

   Admin Enabled Status = Enabled

   Link Speed = N/A

   Link Duplex = N/A

   Missed Packet Percentage = 0

   Total Packets Received = 616301

   Total Bytes Received = 48071478

   Total Packets Transmitted = 616301

   Total Bytes Transmitted = 48071478

Steve Wood Fri, 02/21/2014 - 03:38

Sorry, forgot some basic info. The error message reported is:


"Error connecting to sensor. Error loading sensor"


The ASA can reach the Gateway 205.1 and itself 205.2, obviously.
The IPS can ping itself 205.3. 205.2 and 205.1 fail.

JonPBerbee Fri, 02/21/2014 - 07:56

Not sure if your problem is with the configuration of the Management interface or not, but the configuration below is how we have the management interface configured on one of the 5545-X ASAs with IPS we manage, and I'm able to connect via ssh to the command line and through the GUI too. Your service host settings look OK to me, although we do not have sshv1-fallback enabled on any of the IPS devices we manage.



interface Management0/0
 description "ips mgmt interface"
 management-only
 no nameif
 no security-level
 no ip address


Jon.
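
A static sanity check of the two "service host" attempts posted in this thread, as an added example that is not part of any poster's message or of Cisco's tooling: it parses the host-ip value (address/prefix,gateway), then checks the gateway, collisions with the ASA interface addresses shown above, and access-list coverage. The workstation address 192.168.205.50 and the function names are assumptions made for illustration.

```python
import ipaddress

def parse_host_ip(value):
    """Split an IPS host-ip value 'ADDR/PREFIX,GATEWAY' into interface and gateway."""
    addr, gateway = (part.strip() for part in value.split(","))
    return ipaddress.ip_interface(addr), ipaddress.ip_address(gateway)

def check_sensor(host_ip, acl, asa_addrs, client):
    """Return a list of findings for one 'service host' network-settings block."""
    iface, gw = parse_host_ip(host_ip)
    findings = []
    if gw not in iface.network:
        findings.append(f"gateway {gw} is outside {iface.network}")
    if gw == iface.ip:
        findings.append("gateway equals the sensor address")
    # The same address on the sensor and on an ASA interface cannot both answer.
    for name, addr in asa_addrs.items():
        if ipaddress.ip_address(addr) == iface.ip:
            findings.append(f"sensor address {iface.ip} duplicates ASA {name}")
    # The sensor only accepts management sessions from access-list networks.
    nets = [ipaddress.ip_network(n) for n in acl]
    if not any(ipaddress.ip_address(client) in n for n in nets):
        findings.append(f"client {client} is not permitted by any access-list entry")
    # Informational: an entry fully contained in a wider one adds nothing.
    for n in nets:
        if any(n != m and n.subnet_of(m) for m in nets):
            findings.append(f"access-list {n} is already covered by a wider entry")
    return findings

# Values copied from the thread; CLIENT is a constructed workstation address.
ASA = {"INSIDE": "192.168.205.2", "Management0/0": "192.168.1.1"}
ACL = ["192.168.0.0/16", "192.168.1.0/24"]
CLIENT = "192.168.205.50"
ATTEMPTS = ["192.168.1.1/24,192.168.1.2", "192.168.205.3/24,192.168.205.1"]

if __name__ == "__main__":
    for attempt in ATTEMPTS:
        print(attempt)
        for finding in check_sensor(attempt, ACL, ASA, CLIENT) or ["no static findings"]:
            print("  -", finding)
```

The second attempt raises no addressing finding, so a check of this kind cannot by itself explain why that attempt also failed in the thread.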
