Cisco Support Community

New Member

IDS4.1 update from VMS

Hi all,

We implemented a new VMS Server with 4 IDS 4235 ver.4.1.

VMS is 2.2 with latest service packs installed.

The sensors were imported in VMS when the version was 4.1(3).74.

Then I developed some filters, signatures, and internal networks on one of them, saved and copied the config to the others, and deployed.

One of them is failing to get updated, and the others don't get any configuration from the IDS manager.

The one that is failing the update returns the following error:

IDS1(config)# tls trusted-host ip-address 10.10.10.10 port 443

Error: socket connect failed [4,110]

What is happening?

4 REPLIES
Cisco Employee

Re: IDS4.1 update from VMS

The "tls trusted-host ip-address" command tells the sensor to establish an HTTPS connection back to that HTTPS server and pull down its SSL/TLS certificate.

In your case the IDS MC is executing this command so that the sensor will be able to connect back to the HTTPS server of the IDS MC box.

This is because for updates the IDS MC does not push the update to the sensor, instead it tells the sensor to connect back to the HTTPS port of the IDS MC and have the sensor get the update.

This means that for the IDS MC to be able to update the sensor, your network needs to allow HTTPS and SSH connections to the sensor from the IDS MC, as well as an HTTPS connection from the sensor back to the IDS MC.

If there is a router or firewall between the 2 preventing that HTTPS connection then you will receive that error, or if the IDS MC's address is being NAT'ed or PAT'ed between the 2 then the sensor won't be able to connect to the IDS MC and you will get that error.

The error is stating that the sensor could not connect to the HTTPS port of the IDS MC machine.

I am not sure what is needed on the IDS MC to get it to work in situations where the sensor is not able to connect to the IDS MC.
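
The three flows listed in the reply above can be checked with a short TCP probe. This is an added example, not part of the original thread or any Cisco tool: it is run once from the IDS MC host and once from a host in the sensor's network segment, and it separates a timeout (dropped by a router/firewall or an address hidden by NAT/PAT) from a refusal (host reachable, service not listening). The vantage names, function names and output format are assumptions made for illustration.

```python
import errno
import socket

# Flows named in the reply: (label, vantage to probe from, target, TCP port).
REQUIRED_FLOWS = [
    ("IDS MC -> sensor HTTPS", "mc", "sensor", 443),
    ("IDS MC -> sensor SSH", "mc", "sensor", 22),
    ("sensor -> IDS MC HTTPS", "sensor-segment", "mc", 443),
]

# On Linux errno 110 is ETIMEDOUT; reading the 110 in the sensor's
# "[4,110]" as that errno is an assumption, not something the thread states.
DIAGNOSIS = {
    "open": "flow permitted",
    "timeout": "no answer: dropped by a router/firewall, or address hidden by NAT/PAT",
    "refused": "host reachable, but nothing is listening on that port",
    "unreachable": "no route to the host or network",
}

def probe(host, port, timeout=5.0):
    """Attempt one TCP connect and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        return "error:%s" % errno.errorcode.get(exc.errno, exc.errno)

def check_flows(vantage, mc_addr, sensor_addr, timeout=5.0, flows=REQUIRED_FLOWS):
    """Probe only the flows that originate from the given vantage point."""
    results = []
    for label, run_from, target, port in flows:
        if run_from != vantage:
            continue
        host = sensor_addr if target == "sensor" else mc_addr
        results.append((label, probe(host, port, timeout)))
    return results

if __name__ == "__main__":
    import sys
    # usage: script.py <mc|sensor-segment> <mc_addr> <sensor_addr>
    vantage, mc_addr, sensor_addr = sys.argv[1:4]
    for label, result in check_flows(vantage, mc_addr, sensor_addr):
        print("%-24s %-12s %s" % (label, result, DIAGNOSIS.get(result, "")))
```

A "timeout" on the sensor-segment probe to the IDS MC's port 443 is the same condition the reply attributes to a firewall or NAT/PAT in the path.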

New Member

Re: IDS4.1 update from VMS

Hi,

We are having the same problem of managing a sensor from behind a firewall. The IDS MC address is hidden and we can't set up a TLS connection from the sensor.

A solution would be welcome.

Johan.

New Member

Re: IDS4.1 update from VMS

Hi,

We have a customer requesting these facts documented somewhere.

Do you know if there exists an official url or document describing these network settings?

Thanks,

Stephen

Ubizen - Security Analyst

New Member

Re: IDS4.1 update from VMS
