Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Lack of managed daemon on IDSM

I cannot find the way to bring up the managed daemon on IDSM 3.0(5)S39.

I can do it via Netrangr, but I cannot via CSPM. Show conf on IDSM shows no such service (it shows five others). Is there maybe a way to do it via CLI on IDSM?

6 REPLIES
Cisco Employee

Re: Lack of managed daemon on IDSM

If in CSPM you configure the sensor to manage a router/pix/cat6000 and push that configuration to the sensor/IDSM; then CSPM will automatically add managed to the list of daemons to start on the IDSM/sensor.

New Member

Re: Lack of managed daemon on IDSM

Right - it tells theory. In my case I have the a strange problem, the CSPM generate all the necessary info and transfer it to IDSM, but the managed isn't still running. I have the S39 update to CSPM, and tried the 3.0.1.S4 and 3.0.5.S39 versions of IDSM. Maybe I haven't checked something important in the CSPM config - I entered the blocking devices, what else??

Cisco Employee

Re: Lack of managed daemon on IDSM

Try running that status report on your IDSM. In it should be a managed.conf file that should contain the information you entered for your device to be managed.

If the information is not in managed.conf then CSPM has not pushed the configuration to the IDSM.

New Member

Re: Lack of managed daemon on IDSM

The CSPM is pushing the conf. For some strange reason the managed started after downgrade to recommended in ciscodoc version 3.0.4, and is still running after upgrade.

The only problem is now with message

E Comm timeout for [10.10.255.4]. No recovery action will be taken at this time.

taken from the IDSM. The conf is in my opinion good but for some strange reason the router doesn't get configured (the error above).

Cisco Employee

Re: Lack of managed daemon on IDSM

Things to check:

Can the IDSM ping the Pix's Ip Address?

Does the Pix configuration allow the IDSM to connect to the Pix?

Verify that your username/passwords were entered correctly into the configuration.

What version of the Pix are you using and are you using telnet or 3DES ssh? I know the IDS appliances have a problem with using telnet to access the latest versions of the Pix, but I believe work fine using 3DES ssh. I don't know if the same problem exists on the IDSM.

New Member

Re: Lack of managed daemon on IDSM

I don't use the PIX - I use the Cisco 1750, I cannot ping every interface on it (incl Loopback), the username/password is correct (I can see IDSM as a logged user on C1700 - if the user/password is incorrect the error message is other). I can even even enter on the IDSM, using the nrset/nrget/nrgetbulk/nrexec required tokens, but IDSM simply doesn't change the router conf on my behalf - the error is as in previous email. I'm closing to open the TAC case.

107
Views
0
Helpful
6
Replies
CreatePlease to create content