Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Cisco Configuration Professional & IPS?

I have had an ongoing issue with SDM 2.5 not working correctly with an 877 ISR since the IOS was upgraded to 12.4(22)T. Prior to this it worked fine, however since 12.4(22)T HTTPS access has not worked correctly:

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Remote%20Access&topicID=.ee719fe&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc21882

My workaround was to use HTTP instead of HTTPS. Since a few days ago though SDM has stopped working altogether, it seems as a result of the Java client upgrading itself.

Since SDM is being replaced with CCP I decided to install this and see if this works as I doubt SDM is still being developed? CCP Versions 1.1 & 1.2 don't work with the 877 (most pages don't display) but the latest 1.3 Beta almost works fully. The only pages I can't access are the IPS ones. I have verified I have the -Xmx256m switch in the Java runtime settings but still the pages fail to display.

I know this is a Beta but there is nothing in the release notes about the IPS pages not working. I have an 877 running 12.4(24)T Advanced IP Services.

Thanks, Andy

4 REPLIES
Community Member

Re: Cisco Configuration Professional & IPS?

I'm not sure if this will help you, but when I have problems with SDM, I've had to "allow active content to run in files on My Computer".

Set this in IE Tools -> Options -> Advanced -> Security.

Re: Cisco Configuration Professional & IPS?

Thanks for the reply, however I have tried this as it was a requirement for SDM to work (or at least to get past the popup blocker in IE), but alas it doesn't work. When you click on the Intrusion Prevention link there is a brief flash of the clock where the mouse pointer is but then the right of the window is just blank with the 'Intrusion Prevention System (IPS)' title.

I have also verified with 'netstat' and the application 'CiscoCPEngine.exe' is listening on three TCP ports - 8009, 8600 & 9139. I have verified these are allowed via the Windows Firewall Policy (plus I have disabled the firewall policy and the behaviour is still the same).

Has anyone else sucessfully used the IPS part of CCP (with any router)?

Andy

Re: Cisco Configuration Professional & IPS?

CCP 1.3 has now gone from beta to a 'real' product. I have just downloaded and installed it but IPS configuration still isn't available. However in the release notes a bug is listed (CSCsx52358). This states

"Symptom: You cannot configure IPS feature using

Cisco CP and will not be able to view or modify

signatures.

Condition: This problem occurs only with Cisco IOS

12.4(20)T and Cisco IOS 12.4(24)T images.

Workaround: There is no workaround."

So it is a known bug..... Any idea when this will get fixed - either IOS or CPP?

Cheers

Andy

Re: Cisco Configuration Professional & IPS?

I have installed the latest CCP 1.4 Beta and the IPS still doesn't work with the 877 & 12.4(24)T....

155
Views
0
Helpful
4
Replies
CreatePlease to create content