Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

bz
New Member

I can't telnet to my sensor or access it via IDM!!!

This is the second sensor (4210) I'm putting up, the first one had no problems or whatsoever. I've already added the IP addresses in the Access Control List from sysconfig-sensor. I can ping to and from the sensor. I can do ftp from the sensor to my ftp server (for signature updates). But I cannot telnet, ftp, or use IDM to the sensor...help!!! I've already re-image the sensor twice...still no luck.

4 REPLIES
Cisco Employee

Re: I can't telnet to my sensor or access it via IDM!!!

IDM is available on version 3.1 Software, are you running 3.1 or above?

Check the following URL to see if you are following the correct steps (eg the Certificate Fingerprint etc)

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids8/13872_01.htm#xtocid8

HTH

R/Yusuf

Cisco Employee

Re: I can't telnet to my sensor or access it via IDM!!!

Try and ssh to the Sensor from your ftp server. If that fails, login to the Sensor as root from the Console and run sysconfig-sensor. and select option 9 - Secure Communications, option 2 - Secure Shell Communications, and then option 1 - Security level. If the Security level is Medium or High, then telnet has been disabled. Select low to allow telnet. Exit out to the Main menu and select option 11 - IDS Device Manager. Verify that it is enabled. Make sure that you are using the correct URL - https://ipaddress:443. If there is a firewall between the browser and the Sensor, verify that the https traffic is allowed (as well as telnet, ftp, ssh).

bz
New Member

Re: I can't telnet to my sensor or access it via IDM!!!

Security level is set to Low and IDS Device Manager is enabled. There is no firewall between the browser and the Sensor. Any other suggestions...

Cisco Employee

Re: I can't telnet to my sensor or access it via IDM!!!

Things to try:

1) Look in the etc/hosts.allow file and see if the entries match what you typed in sysconfig-sensor. Verify there are no spelling errors like a comma used instead of a period.

2) Execute a snoop on the command and control interface, and then try to execute the telnet. You should see the SYN packets coming from your client. Make sure the addresses in the packets match the addresses in the etc/hosts.allow file. Also see what the sensor's response is.

104
Views
0
Helpful
4
Replies