Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

SMpolicy table lookup from MARS

Hi!! Thanks in advance for your help.

I'm working in the integration of the subject. I'm working with SM ver. 3.3.1; MARS6.0.4; FWSM 4.0(2); IDM-2 ver 7.0(2). I have followed the document "Security Manager Policy Table Lookup from a MARS Event" at

I am having the following problems (by the moment... i am starting my tests):

1- events are sent from IDSM-2 to MARS, but when i click in the icon of the SM, i get the following error message:"An error occurred while querying policies from Cisco Security Manager. There may be a temporary connectivity problem with Cisco Security Manager device.  Retry the operation after 1-2 minutes. " I never can get to SM from MARS. There is connectivity ( the events in IDSM-2 are shown in MARS)

2- In FWSM i have configured a rule to test (an ACE with the log keyword). I can see the event in the ASDM, but not in MARS. If i navigate in SM, ->select device (FWSM context)->access rules->select the rule->(right click on rule)show events->real time->matching this rule     The MARS window open and i can see the rule in MARS. But there are no ocurrences.

The logging configuration in FWSM context is as follows:

The ACE is : access-list inside extended deny tcp host host eq telnet log emergencies

ssh inside     To allow acces from MARS.

FWSM#sh runn | in logging
logging enable
logging timestamp
logging buffer-size 8092
logging console debugging
logging monitor warnings
logging buffered errors
logging trap debugging
logging asdm informational
logging device-id ipaddress inside
logging host insidet  (IP mars address)
logging debug-trace
logging class ip trap informational
logging message 111111 level informational

I hope somebody can provide me with a hint to solve this.


CreatePlease to create content