Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
888
Views
0
Helpful
2
Replies

IDSM-2 v7.x GUI unaccessible

BEN ROBINSON
Level 1
Level 1

‎05-13-2011 11:38 AM - edited ‎03-10-2019 05:21 AM

Hello!

We imaged and IDSM-2 with the latest 7.x code and went thru setup, but cannot access the GUI. We get a "page cannot be displayed". You can ping it fine from inside and outside the subnet and the access-list permits the subnet. going into config mode and viewing the stats on the web-server it states it's operating on TCP/443 and is up.

any ideas? am i missing something here?

Labels:
0 Helpful
2 Replies 2

Nicolas Fournier
Cisco Employee
Cisco Employee

‎05-18-2011 06:40 AM

Hi Ben,

Could you check from the "show ver" of your IDSM that the mainapp is in running state?

IPS# sh ver
Application Partition:

Cisco Intrusion Prevention System, Version 6.2(3)E4

Host:                                                         
    Realm Keys          key1.0                                
Signature Definition:                                         
    Signature Update    S510.0                   2010-08-25   
OS Version:             2.4.30-IDS-smp-bigphys                
Platform:               IPS4270-20-K9                         
Serial Number:          USE726N451                            
No license present
Sensor up-time is 29 days.
Using 1885556736 out of 4029317120 bytes of available memory (46% usage)
application-data is using 42.6M out of 174.7M bytes of available disk space (26% usage)
boot is using 40.9M out of 75.9M bytes of available disk space (57% usage)


MainApp          E-ECLIPSE_2010_SEP_01_15_35_6_2_2_24   (Ipsbuild)   2010-09-01T15:36:59-0500   Running   
AnalysisEngine   E-ECLIPSE_2010_SEP_01_15_35_6_2_2_24   (Ipsbuild)   2010-09-01T15:36:59-0500   Running   
CLI              E-ECLIPSE_2010_SEP_01_15_35_6_2_2_24   (Ipsbuild)   2010-09-01T15:36:59-0500             

Upgrade History:

  IPS-K9-6.2-3-E4   17:43:06 UTC Wed Sep 01 2010   

Recovery Partition Version 1.1 - 6.2(3)E4

Host Certificate Valid from: 27-Apr-2010 to 27-Apr-2012

IPS#

If that is the case, can you login to your blade from the service user and issue a "netstat -a" to make sure that the blade is listening on port 443?

-bash-2.05b$ netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 *:ssh                   *:*                     LISTEN      
tcp        0      0 *:telnet                *:*                     LISTEN      
tcp        0      0 10.48.67.102:https      *:*                     LISTEN      
udp        0      0 *:snmp                  *:*                                 
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  4      [ ]         DGRAM                    179    /dev/log
unix  2      [ ]         DGRAM                    131250456 
unix  2      [ ]         DGRAM                    220    
-bash-2.05b$

Could you also try to telnet to the blade on port 443 and see if the 3WHS completes?

Regards,

Nicolas

0 Helpful

BEN ROBINSON
Level 1
Level 1
In response to Nicolas Fournier

‎05-18-2011 10:16 AM

got this resolved with TAC - it was an IE issue. Aye. thanks!!!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card