Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
420
Views
0
Helpful
2
Replies

Cannot open IPS via IDM

James Cotterill
Level 1
Level 1

‎02-27-2015 10:28 AM - edited ‎03-10-2019 06:20 AM

Issue with IDM access to IPS module

 

To anyone that can assist!

 

I have a situation where I can only connect to via IPS module using the ASA console and opening a session to the module itself. I cannot open an IDM session at all.

This device is acting as a secondary device and the primary is functioning correctly.

The problem has occurred after inputting the following configuration in via a sevice account to disable weak ciphers.

su -
cd /usr/cids/idsRoot/etc
cp tls.conf tls.conf.orig
sed '/TLS_RSA_WITH_DES_CBC_SHA/d' tls.conf.orig > tls.conf
/etc/init.d/cids reboot

The IPS was stuck in INIT for two hours and caused the ASA isssues with failover so the device was phycially powered off. After being restored, I can log in via the console, but cannot browse to it or monitor the module via IME.

Does anyone have an idea on how to resolve this issue?

Many thanks

James Cotterill

Labels:
0 Helpful
2 Replies 2

CSCO12625692
Level 1
Level 1

‎02-27-2015 11:55 AM

Hi James,

Try logging to IPS via CLI and regenerate the certificate with:

>tls generate-key

Remove and re-add IPS on IDM

 

 

0 Helpful

James Cotterill
Level 1
Level 1
In response to CSCO12625692

‎03-05-2015 08:15 AM

Hi CSCO12625692,

Thanks for replying, unfortunately that did not resolve anything.

I cannot browse to the page either. It is almost as if the web service has now stopped completely.

Any ideas?

thanks

James

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card