Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IEV Issue

Hi All:

I just upgrade IDS4210 image from Version 3.0(1)S4 to 3.1(2)S23 , everything seem ok , except IDS can't listen on 443 port , as bellow is my check list

1:cat /usr/nr/sp-update/output.log

ids-postpatch: IDSk9-sp-3.1-1-S22.bin has been successfully installed.

Warning! Your system will begin shutdown in 30 seconds!!!

Press <Ctrl-C> to quit if you do not wish to reboot!

..............................

Shutting down now!

2:# ps -eaf |grep cidwebserver

root 658 1 0 00:03:21 ? 0:08 /usr/nr/idsRoot/bin/cidwebserver -d

# ps -eaf |grep cidServer

# kill -9 658

# ps -eaf |grep cidwebserver

# ./cidServer start

Settings match current configuration...no need to update.

Checking for certificates...certificates found.

Starting cidwebserver... done

# ./cidServer stop

Stopping cidwebserver... 707 terminated.

# ./cidServer start

Settings match current configuration...no need to update.

Checking for certificates...certificates found.

Starting cidwebserver... Error: cidwebserver (707) is already running.

# cidServer version

cidwebserver v37 (Release) 02/05/17-15:40

cidwebserver (707) is running.

I don't know above message are normal , any one can tell me!

  • Other Security Subjects
1 REPLY
Cisco Employee

Re: IEV Issue

Not exactly sure what you're asking here, or what the problem is. The output of 1. is certainly vaild, seeing as you installed a service pack the sensor needs to reboot.

The output of 2. seems OK, why exactly are you trying to manually stop/start the web server? Everything I see there seems OK.

Do you mean you still can't https:// to the sensor? Are you sure https:// (TCP port 443) is open to the sensor (not being blocked anywhere)? Do you get prompted to accept the security certificate, or do you not get that far? If you login as root and do "netstat -an |grep 443" do you see the sensor listening on that port? If so then it should be working OK. Try doing a snoop on the command/control interface and then try https'ing in, do you see those packets come in?

79
Views
0
Helpful
1
Replies
This widget could not be displayed.