Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

CISCO AIP SSM-10

Hello,

I am having ASA 5510 with AIP SSM-10, i want to configuring AIP SSM, i see some events on it.

evStatus: eventId=1231331883623717536 vendor=Cisco

  originator:

    hostId: Sensor-A

    appName: interface

    appInstanceId: 337

  time: 2010/05/15 07:00:49 2010/05/15 12:00:49 GMT+05:00

  netInterfaceMissedPacketThresholdExceeded:

    description: GigabitEthernet0/1 : Missed-packet threshold was exceeded.  100% of packets were missed.

    interfaceName: GigabitEthernet0/1

on the dash board it shows:
Missed Packet = critical
Event retieval = critical
I have apply service policy and applied any traffic to be go through IPS. but its no
thank you,
Zafar
12 REPLIES
Cisco Employee

Re: CISCO AIP SSM-10

Have you enabled the virtual sensor (vs0) on the IPS module itself?

If you IDM into the IPS, you can check the following:

Configuration --> Policies --> IPS Policies --> edit "vs0" --> tick "Assigned" for gig0/1 (backplane interface) --> OK --> click "Apply"

Hope that helps.

New Member

Re: CISCO AIP SSM-10

hello,

thanks for your reply.

yes it wasnt assigned to interface, i followed your instruction and did that, it worked for a while but later same error msgs

i noticed that its happening since its installed in NEW ASA 5510.

Cisco Employee

Re: CISCO AIP SSM-10

What version of AIP module are you running?

If you haven't run the latest version, you might want to upgrade it to 7.0.2(E4).

New Member

Re: CISCO AIP SSM-10

AIP SSM 10, IPS version 6.1 (1) E1

Cisco Employee

Re: CISCO AIP SSM-10

Yes, definitely old version of code.

Please upgrade it to the latest version of 7.0.2(E4)

New Member

Re: CISCO AIP SSM-10

Thanks,

i will certainly upgrade the IPS version, could you tell me how to take back up of existing IPS version software?

Cisco Employee

Re: CISCO AIP SSM-10

You can't take a backup of the actual IPS software. You can backup the configuration however, using the "copy" command:

http://www.cisco.com/en/US/docs/security/ips/6.0/command/reference/crCmds.html#wp458440

Hope that helps.

New Member

Re: CISCO AIP SSM-10

Hello,

I have upgraded the IPS version to 7.0.2 E3, now i don't see missed packet errors but still receiving event retrieval error.

thanks

Zafar

Cisco Employee

Re: CISCO AIP SSM-10

If you are not retrieving any events from external server, you can turn that feature off.

Here is how you would turn it off:

Configuration --> Sensor Management --> Sensor Health --> untick Event Retrieval.

Hope that helps.

New Member

Re: CISCO AIP SSM-10

Hi

thnks alot for your quick response

just one question, it shows in sensor health that "License time remaining --critical---no license".

its showing since we have purchased it.

Cisco Employee

Re: CISCO AIP SSM-10

Try to update the license directly via cisco.com:

Configuration --> Sensor Management --> Licensing --> Update from cisco.com

Without license, you can not update the signature pack to the latest version.

If the IPS subscription license has expired, you can purchase it to allow you to update to the latest signature  pack.

New Member

Re: CISCO AIP SSM-10

Thanks Alot Halijenn for your guidance

1591
Views
5
Helpful
12
Replies
CreatePlease to create content