03-12-2004 07:11 AM - edited 03-09-2019 06:44 AM
Hi all,
We implemented a new VMS Server with 4 IDS 4235 ver.4.1.
VMS is 2.2 with latest service packs installed.
The sensors were imported in VMS when the version was 4.1(3).74.
Then I developed some filters, signatures, internal networks on one of them, saved and copied the config to the other and deployed.
One of them is failing to get updated, and the others don't get any configuration from the IDS manager.
The one that is failing the update returns the following error:
IDS1(config)# tls trusted-host ip-address 10.10.10.10 port 443
Error: socket connect failed [4,110]
What is happening?
03-12-2004 11:04 AM
The "tls trusted-host ip-address" command tells the sensor to establish an HTTPS connection back to that HTTPS server and pull down its SSL/TLS certificate.
In your case the IDS MC is executing this command so that the sensor will be able to connect back to the HTTPS server of the IDS MC box.
This is because for updates the IDS MC does not push the update to the sensor, instead it tells the sensor to connect back to the HTTPS port of the IDS MC and have the sensor get the update.
This means for the IDS MC to be able to update the sensor your network needs to allow HTTPS and SSH connections to the sensor from the IDS MC, as well as an HTTPS connection from the sensor back to the IDS MC.
If there is a router or firewall between the 2 preventing that HTTPS connection then you will receive that error, or if the IDS MC's address is being NAT'ed or PAT'ed between the 2 then the sensor won't be able to connect to the IDS MC and you will get that error.
The error is stating that the sensor could not connect to the HTTPS port of the IDS MC machine.
I am not sure what is needed on the IDS MC to get it to work in situations where the sensor is not able to connect to the IDS MC.
04-08-2004 01:56 AM
Hi,
We are having the same problem of managing a sensor from behind a firewall. The ids mc address is hidden and we can't setup a tls connection from the sensor.
A solution would be welcome.
Johan.
04-14-2004 02:16 AM
Hi,
We have a customer requesting these facts documented somewhere.
Do you know if there exists an official url or document describing these network settings?
Thanks,
Stephen
Ubizen - Security Analyst
04-15-2004 11:08 PM
Found the official paper:
Cheers,
Stephen