cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
468
Views
0
Helpful
4
Replies

Cisco Configuration Professional & IPS?

I have had an ongoing issue with SDM 2.5 not working correctly with an 877 ISR since the IOS was upgraded to 12.4(22)T. Prior to this it worked fine, however since 12.4(22)T HTTPS access has not worked correctly:

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Remote%20Access&topicID=.ee719fe&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc21882

My workaround was to use HTTP instead of HTTPS. Since a few days ago though SDM has stopped working altogether, it seems as a result of the Java client upgrading itself.

Since SDM is being replaced with CCP I decided to install this and see if this works as I doubt SDM is still being developed? CCP Versions 1.1 & 1.2 don't work with the 877 (most pages don't display) but the latest 1.3 Beta almost works fully. The only pages I can't access are the IPS ones. I have verified I have the -Xmx256m switch in the Java runtime settings but still the pages fail to display.

I know this is a Beta but there is nothing in the release notes about the IPS pages not working. I have an 877 running 12.4(24)T Advanced IP Services.

Thanks, Andy

4 Replies 4

mark.mclaughlin
Level 1
Level 1

I'm not sure if this will help you, but when I have problems with SDM, I've had to "allow active content to run in files on My Computer".

Set this in IE Tools -> Options -> Advanced -> Security.

Thanks for the reply, however I have tried this as it was a requirement for SDM to work (or at least to get past the popup blocker in IE), but alas it doesn't work. When you click on the Intrusion Prevention link there is a brief flash of the clock where the mouse pointer is but then the right of the window is just blank with the 'Intrusion Prevention System (IPS)' title.

I have also verified with 'netstat' and the application 'CiscoCPEngine.exe' is listening on three TCP ports - 8009, 8600 & 9139. I have verified these are allowed via the Windows Firewall Policy (plus I have disabled the firewall policy and the behaviour is still the same).

Has anyone else sucessfully used the IPS part of CCP (with any router)?

Andy

CCP 1.3 has now gone from beta to a 'real' product. I have just downloaded and installed it but IPS configuration still isn't available. However in the release notes a bug is listed (CSCsx52358). This states

"Symptom: You cannot configure IPS feature using

Cisco CP and will not be able to view or modify

signatures.

Condition: This problem occurs only with Cisco IOS

12.4(20)T and Cisco IOS 12.4(24)T images.

Workaround: There is no workaround."

So it is a known bug..... Any idea when this will get fixed - either IOS or CPP?

Cheers

Andy

I have installed the latest CCP 1.4 Beta and the IPS still doesn't work with the 877 & 12.4(24)T....

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: