04-09-2012 03:19 AM - edited 03-10-2019 05:39 AM
Could anyone let me know what is the use / impact of adding one host IP in IDSM under Configuration - Trusted Host? I am trying to add a host IP which is generating legitimate traffic (to exclude this IP from reporting); however, I would like to get more information on what exactly will happen if I add this.
Thank you,
Sankar
04-09-2012 03:25 AM
Also, it says the below error when adding. Please help on this.
04-09-2012 03:29 AM
Well, IPS tries to connect on port 443 by default on the target IP address. If it is closed, you'll receive this error.
Alternatively, you can specify the port number in the command.
Regards,
Sawan Gupta
04-09-2012 03:30 AM
This isn't the IPS device, it's IDSM. Also, I am trying to add a trusted host.
04-09-2012 03:34 AM
Right. The trusted-host should have port 443 open.
Once a trusted-host is added, then for future communication the stored key would be used.
Please have a look at the following link:
http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliTasks.html#wp1056053
Regards,
Sawan Gupta
04-09-2012 04:23 AM
Can you please explain about my initial query?
04-09-2012 04:58 AM
Adding a host as trusted-host does not mean that the traffic from that host won't be analyzed.
If you trust the traffic from a source IP, do you see any false alerts being generated?
04-09-2012 05:56 AM
The traffic is not a false positive. I want to add the source/destination to the exclusion list so that I do not get this alert next time. My requirement is to tell the IDSM to trust the traffic and not declare it as malicious.
04-09-2012 11:51 PM
Could you please tell us more about the network topology?
Regards,
Sawan Gupta
04-10-2012 11:45 PM
The network topology is very simple: we have server farms connected via an IDSM which is acting as a NIDS. It detects malicious traffic on a signature basis. I got an alert that one of the servers is receiving an SQL injection attack from an internet IP. I checked with the server owner and he confirmed that the traffic from the internet IP is legitimate, so I want to exclude this IP from the NIDS so that I will not get this alert next time.
04-11-2012 01:11 PM
Hi,
In this case, please disable the signature which is giving the alert, or tune the signature for your server.
Regards
Rajeswar