I just upgraded to 4.3.5 from 220.127.116.1136 two days ago. At first MARS lost the ability to generate a path for any incident. Today I can see that the path is being generated again but, the computer is shown as being connected to a VLAN instead of a specific switch port. MARS is also unable to offer any mitigation advice because it says no devices are available. Does anyone have any idea what is wrong or better yet a way to fix the problem?
Path generation was working correctly before I upgraded the system. I could get the port information for all the computers involved in incidents except for a couple of computers that are connected to Cisco 500 express switches.
I checked all the incidents this morning. The only path generatation that was working involved the ASA only. So incidents that involved only an internet address and the ASA were working correctly. I double checked my entry of two switches behind the ASA by logging in as the MARS device via SSH. The account and passwords the MARS box was using were correct. I then checked an incident invlovling each of those switches and just received an unable to compute path error. Is there any setting that could be changed that would cause similar behavior?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...