Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IDS can't see PIX system

IDS ver 3.1(2) 30 E1 private address resides on the internal network.

My PIX ver 6.2 has an interface on the internal network.

From my PIX I can ping, telnet to the IDS, see everything.

From the IDS I can ping every address on the internal network, can see everything but my PIX.

HELP !!!

  • Other Security Subjects
Cisco Employee

Re: IDS can't see PIX system

Are you trying to configure the IDS to use the PIX to

block attacking hosts? If so, I will try to assist.

If not, I may not understand your question, can you clarify?

New Member

Re: IDS can't see PIX system

Yes I'm trying to use the PIX system for shunning. I've read some of the post regarding telneting problems because of the upgrade on the PIX to 6.2 but I thought it only effects when the IDS is not on the inside of the firewall.

Cisco Employee

Re: IDS can't see PIX system

The telnet problem affects sensors on the inside network

of the firewall. The recommended workaround is to configure

IDS and PIX to use SSH with 3des encryption. If your PIX

does not have 3des encryption enabled and you don't want

to upgrade, then you will need to upgrade a part of the IDS

software. IDS telnet to PIX 6.2 is fixed in a beta version of the

IDS nr.managed process. You can get the upgrade by opening

a TAC case and requesting the beta nr.managed which fixes

DDTS CSCdx55215.

This widget could not be displayed.