I have an IDS-4210 installed in conjunction with CSPM and have set up my blocking device which is a 2620 router. After testing a manual block then checking the router for the access-list statement we determined that the connection was not being maintained by the sensor even though the router shows a telnet connection from the sensor.. After working with the local Cisco Engineer and running nrgetbulk with NetDeviceStatus and NetDevice - the output shows that the connection does not stay active - it only shows Login_sent. I have the correct telnet, enable password, username in CSPM and the sensor shows this information also and have rechecked my sysconfig-sensor settings and all is correct. Is there something I'm missing in regards to the sensor to maintain the active telnet state for blocking.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...