New Member

Timeout error msg while manual Blocking

My customer uses IDS 4210 with 3.1(3)S31 installed and uses CSPM 2.3.3i.

Until 1 week ago there was no problem but he says when he want to block manually some hosts or networks at Router via CSPM Event Viever he gets Error timeout waiting response.

He uses PIX 525 with 6.1(3) and there is rule that allows to IDS to telnet Router.I checked blocking configuration and configuration and passwords was correct.

Any idea?

Thanks in advance

Cisco Employee

Re: Timeout error msg while manual Blocking

do automatic shuns still worK? Is nr.managed still working? can you send a copy of his /usr/nr/etc/managed.conf file from the sensor and the output of nrstatus run on the sensor?

New Member

Re: Timeout error msg while manual Blocking

Yes he checked with nrstatus command and managed is not running.

And here managed.conf file: I hided if addresses and passwords.

Why managed is not running? He couldn't say regarding automatic shunning

I will check this today.

Any comment


# Generated: Fri Sep 13 11:39:15 2002

# Template: D:\Program Files\Cisco Systems\Cisco Secure Policy Manager\bin\templates\3.0\etc\managed.conf.template

# Sensor Version: 3.1(3)S31

# Sensor OS: SunOS

FilenameOfError ../var/errors.managed

AllowSensorShun 0

NetDevice CiscoDefault bbb ccc

ShunInterfaceCisco Serial0/0 in

NeverShunAddress ddd.ddd.ddd.ddd

Cisco Employee

Re: Timeout error msg while manual Blocking

Look at the /usr/nr/etc/deamons file on the sensor. Is nr.managed there?? If not, go into CSPM and make sure blocking is still set up for the sensor (select the sensor, then the blocking tab, then make sure there are devices listed.)

