Re: IDS MC 1.1.1 - Updating sensor erases part of Post Office Co
The "show conf" command on the IDSM has to do some detailed analysis of the configuration files to try and determine which machine is the "Director".
It will look in the etc/destinations file for a line with the smid daemon as the destination. It will then look at the hostname and orgname and check against the entries in the etc/hosts files to pull the corresponding hostids and orgids.
It was built this way to work with the older management platforms like CSPM and Unix Director where the configuration tool and viewing tool were both on the same box using the same postoffice connection (a single director concept).
However, with VMS, the IDS MC is used for configuration while the Security Monitor is used for viewing. This can sometimes confuse the method that "show configuration" and "setup" use to determine the "director" information.
What you are seeing is common when the IDS MC is not running on the same machine as the Security Monitor. The IDSM should have a destination of the Security Monitors smid process. In some cases you will need to use the IDS MC to add a separate destination for smid of the Security Monitory into the IDSM's configuration.
Most likely you originally entered the IDS MC as the director, but since there is no longer a line with smid on the IDS MC in the destinations file the "setup" and "show configuration" commands are confused.
The "setup" and "show configuration" are just having a hard time intepreting a configuration where the configuration director is different than the viewing director and winds up leaving those fields blank.
AS long as you are still able to configure the IDSM from IDS MC, and receive new alarms in Security Monitor then your actual IDS configuraiton is probably fine and the actual IDS daemons are interpreting them just fine.
(NOTE: The IDS daemons don't have the concept of a director. They just know that the IDS MC and Security Monitor are other machines and can usually operate just fine)
It is only the "setup" and "show configuration" commands that have this problem trying to represent it with the concept of a single director machine.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...