Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IDSM-2 Error

I keep receiving theses two errors over and over again in my logs "WebSession::SessionTask(#) TLS exception: handshake imcomplete"

"received fatal_alert: certificate unknown"

Currently I use IPS manager 2.2, and import the devices using TLS (cant import without). I keep receiving these errors but don't know if it has to do with the ciscoworks box or not or how to correct them. Thanks for the help

Cisco Employee

Re: IDSM-2 Error

These errors generally happen when the sensor has generated a new certificate (like after a re-image, or a version 4.x to 5.0 upgrade).

There is a client still trying to connect to the sensor, but has the sensor's old certificate saved away.

This generaly happens with IEV or Security Monitor (within VMS).

How to track it down:

Create a service account.

Login with the service account.

Switch to user root (su -) using the same password as the service account.

Run "ifconfig -a" to determine the interface with the sensor's IP assigned to it.

Execute "tcpdump -i "

Look for what IP Addresses are attempting to connect to port 443 (HTTPS) of the sensor.

Track down these IP Addresses and ensure the software running on these IPs has been updated with the sensor's new certificate.

作成コンテンツを作成するには してください