Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
602
Views
0
Helpful
3
Replies

IPS shun request to FWSM

Dileep Sivadas Padmini
Level 1
Level 1

‎11-05-2009 08:03 PM - edited ‎03-11-2019 09:37 AM

Hi,

Does it possible to configure IPS to send shun request to a FWSM module?

On IME there are only three device type to configure shun request

1 PIX /ASA

2. Cat6K

3. Cisco Router

Regards

Dileep

Labels:
0 Helpful
3 Replies 3

Panos Kampanakis
Cisco Employee
Cisco Employee

‎11-06-2009 10:35 AM

You can use PIX/ASA and do the shun on an FWSM. The command has the same syntax on both units.

I hope it helps.

PK

0 Helpful

Dileep Sivadas Padmini
Level 1
Level 1
In response to Panos Kampanakis

‎11-06-2009 10:33 PM

I have used the PIX/ASA type.

At that time FWSM logs revealed that IPS has initiated a SSH session to FWSM , but no shun is happening.

verified it by " show shun" command.

Here FWSM is configured in transparent mode having two BVI group.

And both IPS and FWSM BVI IPs are in same management VLAN.

Is any special configuration is required in transparent mode configuration?

i will post the detail logs in FWSM on coming Monday.

thanks

Dileep

0 Helpful

Dileep Sivadas Padmini
Level 1
Level 1
In response to Dileep Sivadas Padmini

‎11-09-2009 01:51 AM

Issue solved ,after adding FWSM ssh key to IPS (known host keys)

If you do not add, you will get a syslog message like this.

"SSH session from on interface for user "" disconnected by SSH server, reason: "TCP connection closed" (0x03)"

thanks

Dileep

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card