Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Problem adding CSA external interface in IPS 6

I configured my AIP-SSM sensor running IPS 6 to connect to the CSA MC, but I get a connection failure. The sensor is showing the following error when trying to connect:

evError: eventId=1168311248090659938 severity=warning vendor=Cisco

originator:

hostId: os-ips

appName: externalProductInterface

appInstanceId: 317

time: 2007/01/20 02:50:22 2007/01/19 20:50:22 GMT-06:00

errorMessage: name=errNotAvailable Failure opening a subscription on the Management Center for Cisco Security Agents external interface at 1.1.1.1: Parse response found a different element when expecting the SOAP Envelope element

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Problem adding CSA external interface in IPS 6

If your CSAMC is version 5.0 then can you please set the url to /csamc50/sdee-server and retry after enabling the interface.

thx

Madhu

5 REPLIES
Cisco Employee

Re: Problem adding CSA external interface in IPS 6

Can you please paste your config under service external-product-interface on the server? I am specifically looking for the url you have configured.

thx

Madhu

New Member

Re: Problem adding CSA external interface in IPS 6

The interface is currently disabled, but I think you'll get the picture.

---

cisco-security-agents-mc-settings (min: 0, max: 2, current: 1)

-----------------------------------------------

ip-address: 1.1.1.1

-----------------------------------------------

interface-type: extended-sdee

enabled: no default: yes

url: /csamc/sdee-server

port: 443

use-ssl

-----------------------------------------------

always-yes: yes

-----------------------------------------------

username: adminuser

password:

host-posture-settings

-----------------------------------------------

enabled: yes default: yes

allow-unreachable-postures: yes

posture-acls (ordered min: 0, max: 10, current: 1 - 1 active, 0 inactive)

-----------------------------------------------

ACTIVE list-contents

-----------------------------------------------

NAME: 1-subnet

-----------------------------------------------

network-address: 192.168.1.0/24

action: permit

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

watchlist-address-settings

-----------------------------------------------

enabled: yes

manual-rr-increase: 25

session-rr-increase: 25

packet-rr-increase: 10

Cisco Employee

Re: Problem adding CSA external interface in IPS 6

If your CSAMC is version 5.0 then can you please set the url to /csamc50/sdee-server and retry after enabling the interface.

thx

Madhu

New Member

Re: Problem adding CSA external interface in IPS 6

Ah ha! I missed that. I'm using 5.1 and made the change; it now shows the connection as active.

Thanks!

Cisco Employee

Re: Problem adding CSA external interface in IPS 6

This error indicates that the IPS is trying to establish communication with the CSA MC, and the CSA MC is returning an unexpected response.

A couple reasons you may be seeing this error:

1. I noticed that the error message says that the IPS is configured to talk to a CSA MC with the IP address 1.1.1.1. Is this the correct IP address for the MC - I?m thinking that the message?s actual IP address was changed before posting for security reasons?

2. For currently shipping and past versions of CSA MC, the CSA MC?s URL has to be configured in the IPS:

* If the CSA MC is version 5.1 (most likely) then configured the URL to be: /csamc51/sdee-server

* If the CSA MC is version 5.0 then configured the URL to be: /csamc50/sdee-server

* Also, if the CSA MC is version 5.0 then be sure to apply the latest patches to the CSA MC since the unpatched versions had issues that caused communication failures and loss of data.

* Note: The next CSA MC release will eliminate the need to set the URL.

Let me know whether this fixes the problem.

Regards,

Jeff

177
Views
7
Helpful
5
Replies