Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
436
Views
0
Helpful
3
Replies

Unable to communicate with 4235

slug420
Level 1
Level 1

‎07-07-2005 06:04 AM - edited ‎03-10-2019 01:31 AM

I am having trouble with one of our sensors. For quite some time it has been unaccessible although it continued sending alerts to security monitor. I recently went to the location of the IDS and powered it down and then back up at which point I was once again able to manage it and log into it via ssh and ssl. I then tried pushing out a new signature (this COULD be related) version 179 (or whatever the latest is) to the sensor which was formerly sitting at 137 or thereabouts (had been experiencing communication issues for quite some time). And now once again I still appear to be receiving alerts from it, but I cannot log into the device or push updates.

Here is the error message from when I tried pushing the new sig:

Sensor sensor-11: Signature Update Process

No certificate existed for the MC on the sensor, adding the certificate.

The trusted certificates on the sensor 120.2.2.2 have been updated.

An error occurred while running the update script on the sensor named sensor-11. Detail = An RDEP communication error occurred during the update. Exception message = org.apache.commons.httpclient.HttpRecoverableException: Error in parsing the status line from the response: unable to find line starting with "HTTP"

MC database sync complete.

When I try to telnet to it on 443 (since it wont accept my browser connections on ssl but I assume the sensor is connected this way since it is getting alerts):

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

<title>Server Error</title>

</head>

<body>

<h1>Server Busy</h1>

Maximum users reached.

</body>

</html>

Connection to host lost.

And when I try to ssh, after entering the username and password:

Error: Cannot communicate with system processes. Please contact your system administrator.

I cant get in with the service account btu it looks like I might have the wrong l/p information so im not completely ready to say that is a result of the sensor having problems too.

I am clearly going to have to trek over to this location to reboot the box again but do you have any ideas as to what the problem is?

Labels:
0 Helpful
3 Replies 3

owillins
Level 6
Level 6

‎07-13-2005 08:16 AM

Did you try applying the latest patches available? If possible try a reboot of the sensor.

0 Helpful

jamesand
Cisco Employee
Cisco Employee

‎07-14-2005 01:58 PM

The "Cannot comm with sys proc" err indicates a crash of one of the sensor applications. You should upgrade the sensor to the latest patch 4.1(4g) assuming you are running the 4.X version of IDS.

0 Helpful

balsheikh
Level 1
Level 1

‎10-03-2006 01:39 AM

Hello there,

I faced the same problem in getting the error message, I re-imported the affected IDS to the VMS and things going fine.

Steps:

under management center for IDS sensor, select device then select the affected IDS and re-import it.

kindly update me once you try it.

Regards,

Belal

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card