Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

MARS mitigation: can not push to pix

I just installed MARS 4.1 to monitor IDS (4.0), PIX (6.3.3) and several internal switches. Everything seems ok but the mitigation. It appears if the mitigation suggestion is a switch, the PUSH botton is activated, but if the PIX is the suggested solution, the PUSH button is not activated.

The PIX is configured with SSH. I verified the passwords and snmp string. Still same problem. Anyone have any ideas?

Thanks,

5 REPLIES
Silver

Re: MARS mitigation: can not push to pix

sure that all the L2 devices have the SNMP RO community strings specified in the HTML interface for L2 mitigation, even if the access type is not SNMP. (See Mitigation, page 18-6 for more information on mitigating an attack.)

The SNMP RO community string is always required on Layer 2 devices for L2 mitigation. L2 devices must be added manuallythere is no automatic discovery for these device.

CS-MARS does not discover L2 devices automatically as it does with L3 devices.

New Member

Re: MARS mitigation: can not push to pix

PIX would be a L3 device. I am having the same problem. Bump.

New Member

Re: MARS mitigation: can not push to pix

Too bad Mars does not push to L3 devices. I hear they are plaaning to put it into future releases.

New Member

Re: MARS mitigation: can not push to pix

So even though it offers the shun command it will not push to the PIX? That doesn't sound right - did you talk with TAC on this? TIA.

New Member

Re: MARS mitigation: can not push to pix

Yes, I had a TAC case. It is also in the documentation. I didn't see the fine print. Mars will only push to L2 not L3.

101
Views
4
Helpful
5
Replies
CreatePlease to create content