Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Cisco Employee

AIP-SSM and Wireless Controller integration error

Having problem with TLS connection from controller to AIP-SSM. The response cide from IPS to the controller suppose to be 0 but I am getting 35.

TLS fingerprint matches between AIP-SSM and configuration on the controller. And connectivity is good between Controller and AIP-SSM and the time is sync between the two also.

AIP-SSM is Version 6.0(4)

Error log from AIP-SSM:

evError: eventId=1221057394278884465 vendor=Cisco severity=error

originator:

hostId: labips

appName: cidwebserver

appInstanceId: 393

time: February 13, 2009 1:58:39 PM UTC offset=0 timeZone=GMT-08:00

errorMessage: WebSession::sessionTask TLS connection exception: handshake incomplete. name=errTransport

(Cisco Controller) >debug wps cids enable

*Feb 13 14:24:50.982: cidsSdeeCallback is called

*Feb 13 14:24:50.983: cidsProcessSdeeQuery: ip=10.100.1.6,port=443 state=1 interval=10

*Feb 13 14:24:50.983: cidsQuerySend: https://10.100.1.6:443/cgi-bin/transaction-server?command=getShunEntryList

*Feb 13 14:24:50.983: curlHandle is c6facec

*Feb 13 14:24:50.983: Perform on curlHandle c6facec ...

*Feb 13 14:24:50.990: ssl_sensor_verify_callback: verifying cert from sensor

*Feb 13 14:24:50.990: Cert fingerprint verified

*Feb 13 14:24:50.995: Response code is 35

*Feb 13 14:25:00.565: cidsSdeeCallback is called

*Feb 13 14:25:00.565: cidsProcessSdeeQuery: ip=10.100.1.6,port=443 state=1 interval=10

*Feb 13 14:25:00.565: cidsQuerySend: https://10.100.1.6:443/cgi-bin/transaction-server?command=getShunEntryList

*Feb 13 14:25:00.566: curlHandle is c6facec

*Feb 13 14:25:00.566: Perform on curlHandle c6facec ...

*Feb 13 14:25:00.572: ssl_sensor_verify_callback: verifying cert from sensor

*Feb 13 14:25:00.573: Cert fingerprint verified

*Feb 13 14:25:00.577: Response code is 35

*Feb 13 14:25:10.145: cidsSdeeCallback is called

*Feb 13 14:25:10.146: cidsProcessSdeeQuery: ip=10.100.1.6,port=443 state=1 interval=10

*Feb 13 14:25:10.146: cidsQuerySend: https://10.100.1.6:443/cgi-bin/transaction-server?command=getShunEntryList

*Feb 13 14:25:10.146: curlHandle is c6facec

*Feb 13 14:25:10.146: Perform on curlHandle c6facec ...

*Feb 13 14:25:10.153: ssl_sensor_verify_callback: verifying cert from sensor

*Feb 13 14:25:10.153: Cert fingerprint verified

*Feb 13 14:25:10.158: Response code is 35

*Feb 13 14:25:19.743: cidsSdeeCallback is called

*Feb 13 14:25:19.743: cidsProcessSdeeQuery: ip=10.100.1.6,port=443 state=1 interval=10

*Feb 13 14:25:19.743: cidsQuerySend: https://10.100.1.6:443/cgi-bin/transaction-server?command=getShunEntryList

*Feb 13 14:25:19.744: curlHandle is c6facec

*Feb 13 14:25:19.744: Perform on curlHandle c6facec ...

*Feb 13 14:25:19.750: ssl_sensor_verify_callback: verifying cert from sensor

*Feb 13 14:25:19.751: Cert fingerprint verified

*Feb 13 14:25:19.755: Response code is 35

4 REPLIES
Cisco Employee

Re: AIP-SSM and Wireless Controller integration error

p.s Controller release is 5.2

Gold

Re: AIP-SSM and Wireless Controller integration error

Did you run the "TLS Trusted Host" command on the module?

Cisco Employee

Re: AIP-SSM and Wireless Controller integration error

Yes

Cisco Employee

Re: AIP-SSM and Wireless Controller integration error

did all the steps on the AIP-SSM and on the controller per the configuration guide

172
Views
0
Helpful
4
Replies
CreatePlease to create content