09-11-2002 07:34 AM - edited 02-20-2020 10:14 PM
IDS ver 3.1(2) 30 E1 private address resides on the internal network.
My PIX ver 6.2 has an interface on the internal network.
From my PIX I can ping, telnet to the IDS, see everything.
From the IDS I can ping every address on the internal network, can see everything but my PIX.
HELP !!!
09-11-2002 08:11 PM
Are you trying to configure the IDS to use the PIX to
block attacking hosts? If so, I will try to assist.
If not, I may not understand your question, can you clarify?
09-12-2002 03:35 AM
Yes, I'm trying to use the PIX system for shunning. I've read some of the posts regarding telnetting problems because of the upgrade on the PIX to 6.2, but I thought it only affects when the IDS is not on the inside of the firewall.
09-12-2002 04:53 AM
The telnet problem affects sensors on the inside network
of the firewall. The recommended workaround is to configure
IDS and PIX to use SSH with 3des encryption. If your PIX
does not have 3des encryption enabled and you don't want
to upgrade, then you will need to upgrade a part of the IDS
software. IDS telnet to PIX 6.2 is fixed in a beta version of the
IDS nr.managed process. You can get the upgrade by opening
a TAC case and requesting the beta nr.managed which fixes
DDTS CSCdx55215.