Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
800
Views
0
Helpful
6
Replies

Unable to assign ACL to interface device [Cisco] IP [X.X.X.X]

rcrowe
Level 1
Level 1

‎07-30-2001 01:14 PM - edited ‎02-20-2020 09:15 PM

i upgraded my sensor from 2.5(1)S3 to 3.0(1)S4, now i keep getting the following error in error.managed : Unable to assign ACL to interface device [Cisco] IP [X.X.X.X] if [FastEthernet0/0], Connection lost to net device X.X.X.X. I can log into the router and see the access-lists IDS_FastEthernet0/0_in_0 and IDS_FastEthernet0/0_out_0 that it creates, but they never get assigned to an interface. Sorry for posting so much, new to Cisco IDS.

Labels:
0 Helpful
6 Replies 6

stleary
Cisco Employee
Cisco Employee

‎07-30-2001 01:59 PM

The sensor got an unexpected response from the router when it tried to assign the ACL.

This will cause the connection to be lost.

Two things you can try....

1. Verify that the router has an interface named FastEthernet0/0. If not, then configure the sensor to use the correct interface name and try running the sensor again.

2. Try these commands in enable mode on the router:

conf term

interface FastEthernet0/0

You should see a prompt like 'config-if' or 'config-subif'

If you do not see one of these prompts, then please post the prompt that you do see.

(At this point, you can type 'exit' twice, since you don't want to

actually configure the device)

If none of these suggestions help, you should open a TAC case. A TAC engineer will ask you

for your configuration info, and I will investigate further (stleary@cisco.com)

0 Helpful

rcrowe
Level 1
Level 1
In response to stleary

‎07-31-2001 06:15 AM

the prompt stays as a "conf" this is probably because the hostname of the router is long.

0 Helpful

stleary
Cisco Employee
Cisco Employee
In response to rcrowe

‎07-31-2001 06:45 AM

The hostname should be less than 18 chars in length.

I will write up a bug report, but the resolution will probably just be that we will update the user guide with a note.

0 Helpful

rcrowe
Level 1
Level 1
In response to stleary

‎07-31-2001 06:56 AM

sure...This is the hostname: hiss1_t3_sprint_7206vxr# This is the prompt in config mode: hiss1_t3_sprint_7206vxr(conf)# And this is the prompt in interface config mode for FastEthernet0/0: hiss1_t3_sprint_7206vxr(conf)#

Let me try to shorten the name and see if that helps.

0 Helpful

stleary
Cisco Employee
Cisco Employee
In response to rcrowe

‎07-31-2001 06:59 AM

OK Thanks. See my earlier post, which I just edited. We will continue investigating on this side, but a shorter name should fix the problem.

0 Helpful

rcrowe
Level 1
Level 1
In response to stleary

‎07-31-2001 07:34 AM

you are right on the money. shortened the name and it applied it fine. you are the man. thanks for all your help, i appreciate it.

0 Helpful
Customers Also Viewed These Support Documents