Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

MARS 6.0 discovering ASA 8.0

I am having trouble discovering my ASA 8.0 firewall after adding it to the "Security and Monitor Devices" section. The error message I get is related to ssh and is attached to this post as a screenshot file. I confirmed that the asa is allowing MARS to connect to it via SSH and I am using an account in TACACS+ that is valid and is able to communicate with TACACS because I'm logged into the MARS appliance with it. There is also an IPS SSM module added and this was discovered successfully. It was configured the same way. The procedure seems pretty straight forward. What am I doing wrong?

5 REPLIES
Cisco Employee

Re: MARS 6.0 discovering ASA 8.0

I'm getting a "Document does not exist!" message trying to view it.

Can you host it and provide a url?

Is it stopping because your banner is too long? What do you get on the screen?

RJ

New Member

Re: MARS 6.0 discovering ASA 8.0

Sorry, I'll post it again.

in case it doesn't, here's the error

spawn ssh -c 3des -l mwesche 10.0.250.2

ssh: connect to host 10.0.250.2 port 22: Connection refused

Error executing ssh command

New Member

Re: MARS 6.0 discovering ASA 8.0

I don't get it. I never had an issue with attaching a gif file before. Oh well, sorry I couldnt provide one. My error message is stated also in my last post. That is what is written to the error log when I attempt to discover the ASA.

New Member

Re: MARS 6.0 discovering ASA 8.0

I figured out why the ASA was refusing the connectin. I allowed ssh access to the ASA from the out of band IP address of the MARS appliance. During the discovery, apparently the MARS appliance sources the discovery packets and attempts the ssh session from its eth0(main production IP address). Once I defined eth0 IP in the ssh access statements in the firewall the discovery was successful.

Cisco Employee

Re: MARS 6.0 discovering ASA 8.0

Thanks for the update!

221
Views
0
Helpful
5
Replies
CreatePlease to create content