04-19-2004 05:33 PM - edited 03-09-2019 07:07 AM
I use IDSM2. The IDS device and host server was in different VLAN but with same netmask.
i can ping the ip address but i can't open ids device manager through web site(https://ipaddress). In IDSMC monitoring (VMS) there is no connection.
When i try to add sensor with Discover Settings, there is an error :
" Error importing configuration files from the sensor-Can not get the type of sensor. Remote process exit code unavailable"
this is my configuration with CLI :
sh conf
! ------------------------------
display-serial
! ------------------------------
service Authentication
general
methods method Local
exit
exit
exit
! ------------------------------
service Host
networkParams
ipAddress xx.yy.zzz.c (VLAN 1)
defaultGateway xx.yy.zzz.ccc (VLAN 1)
hostname IDSM2
telnetOption enabled
accessList ipAddress xx.a.bbb.d (VLAN 2) netmask 255.255.255.0
exit
optionalAutoUpgrade
active-selection none
exit
timeParams
summerTimeParams
active-selection none
--MORE--
exit
exit
exit
! ------------------------------
service Logger
masterControl
enable-debug false
exit
zoneControl zoneName Cid
severity debug
exit
zoneControl zoneName AuthenticationApp
severity warning
exit
zoneControl zoneName Cli
severity warning
exit
zoneControl zoneName ctlTransSource
severity warning
exit
zoneControl zoneName IdapiCtlTrans
severity warning
exit
zoneControl zoneName IdsEventStore
--MORE--
severity warning
exit
zoneControl zoneName MpInstaller
severity warning
exit
zoneControl zoneName tls
severity warning
exit
exit
! ------------------------------
service NetworkAccess
general
allow-sensor-shun false
shun-enable true
exit
exit
! ------------------------------
service SshKnownHosts
exit
! ------------------------------
service TrustedCertificates
exit
! ------------------------------
service WebServer
--MORE--
exit
! ------------------------------
interface group 0
sensing-interface int7
sensing-interface int8
exit
interface sensing int7
exit
interface sensing int8
exit
_______________________
Group 0 is up
Sensing ports int7,int8
Logical virtual sensor configuration: virtualSensor
Logical alarm channel configuration: virtualAlarm
what's wrong with my configuration ?? can someone here help me please..
04-20-2004 05:20 AM
From your configuration it seems you have two Vlans on the switch. Are the Vlans configured in the same group / trunked ?
Also did you configure the Blade with the default 443 port?
04-20-2004 09:37 AM
The problem is likely that your accessList is using a single address with the netmask for a network.
If you are only allowing a single address then leave the netmask dsignator off the configuration line, or set it 255.255.255.255 (all 255s).
Only use a 255.255.255.0 netmask if you designate the subnet address not a single address.
So for example for a single address:
accessList ipAddress 10.1.1.1
or
accessList ipAddress 10.1.1.1 netmask 255.255.255.255
For the entire 10.1.1.0 network is the only time you would use the 255.255.255.0 netmask
accessList ipAddress 10.1.1.0 netmask 255.255.255.0
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide