10-13-2006 10:22 AM - edited 03-10-2019 03:16 AM
Hi everyone!
I have a NM-CIDS-K9 in a Cisco 3845 Router and i did the exact steps in the documentation to configure it but still i can not access the IDM from LAN or any other interface. I can only access it from the router by telneting to it or by issuing the "service-module ids-sensor x/y session" command.
Any ideas about where do i go wrong?
Thanks!
10-14-2006 12:26 PM
Can you share the "sh settings" output?
I asumed all basic config, i.e IP, gateway and management ssh/https are correctly set.
What's the network list defined under access-list? Is it default value, or already set/changed to reflect whatever subnet/IP you allowed to? If this is default, change it accordingly.
Also, check whether the web-server settings is correctly configured. Default https is tcp 443 with TLS-enabled, or port 80 (without TLS).
Rgds,
AK
10-16-2006 01:55 AM
Hi a.kiprawih,
unfortunatly i don't have access to the config file for the moment, but i permited access on the NM-CIDS to the whole LAN subnet that the router is conected to and also the webserver on the NM-CIDS is enabled on the default 443.
The problem i think is somewhere on the router as either i try to connect on 443 to the router's ip address or to the loopback interface that i configured for the NM-CIDS i get the same SDM interface and not the IDM interface as i expected.
Should i disable the ip http server on the router?
Should i use for management the FastEtherenet interface that is located on the module (Above this fastEthernet it say "Not used")?
thank you,
Costin
10-16-2006 02:31 AM
Hi Costin,
Yes, if you already assigned IP (for FastE management port) to the module, then you need to bring it up by connecting it to your hub/switch (use utp-straight cable, or cross-over cable if you connect direct to pc).
You should be able to ping the IDS module IP from router or any permitted station(s) in your network.
I did experienced the same issue when I first got the router+IDS. I was in puzzled on why I couldn't access the IDS, not until I hook the port to a switch.
I think that's the same reason why you can't access the module. And if you access your router via web interface(SDM), you should be able to jump to the IDS module now and get access to it. Or, use https to access it directly (https://x.x.x.x) from your workstation.
Let the http server service running on the router, as this is meant for SDM. Otherwise, you wouldn't be able to access the box via web browser.
Give it a try. I believed your IDS should be ok now.
Rgds,
AK
10-16-2006 03:16 AM
Thanks again,
i think this will solve it.
I was confused by the fact that above that port it is written "Not used" or something like that.
Costin
10-16-2006 04:31 PM
Good to hear that. Bring up the interface & test the operation & connectivity.
Pls rate all useful post(s)
rgds,
AK
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide