IDS can't see PIX system

smartin
Level 1

IDS ver 3.1(2) 30 E1 private address resides on the internal network.

My PIX ver 6.2 has an interface on the internal network.

From my PIX I can ping, telnet to the IDS, see everything.

From the IDS I can ping every address on the internal network, can see everything but my PIX.

HELP !!!

3 Replies

stleary
Cisco Employee

Are you trying to configure the IDS to use the PIX to block attacking hosts? If so, I will try to assist.

If not, I may not understand your question; can you clarify?

Yes, I'm trying to use the PIX system for shunning. I've read some of the posts regarding telnetting problems because of the upgrade on the PIX to 6.2, but I thought it only affects when the IDS is not on the inside of the firewall.

The telnet problem affects sensors on the inside network of the firewall. The recommended workaround is to configure IDS and PIX to use SSH with 3DES encryption. If your PIX does not have 3DES encryption enabled and you don't want to upgrade, then you will need to upgrade a part of the IDS software. IDS telnet to PIX 6.2 is fixed in a beta version of the IDS nr.managed process. You can get the upgrade by opening a TAC case and requesting the beta nr.managed which fixes DDTS CSCdx55215.
