08-19-2020 10:37 AM
See the below result of #Show module ips details
Card Type: Unknown
Model: N/A
Hardware version: N/A
Serial Number: FCH2042XXX
Firmware version: N/A
Software version: 7.1(7)E4
MAC Address Range: a0e0.af52.cb3b to a0e0.af52.cb3b
App. name: IPS
App. Status: Up
App. Status Desc: Normal Operation
App. version: 7.1(7)E4
Data Plane Status: Up
Console session: Ready
Status: Up
License: IPS Module Disabled perpetual
Mgmt IP addr: 192.168.1.2
Mgmt Network mask: 255.255.255.0
Mgmt Gateway: 192.168.1.1
Mgmt web ports: 443
Mgmt TLS enabled: true
Primary-FW#
Please see the first 3 line of orange color. result showed are unkown. what is the reason?
08-19-2020 01:14 PM
is that working one failed or is this new installation or any upgrades?
what is the outcome of #session sfr console?
08-19-2020 02:35 PM - edited 08-19-2020 02:41 PM
with console i can connect to ips sensor. what for this was unkown message?
Note: I can connect through ASDM_IDM to IPS. IP block is same as network. but shows "error connecting to sensor: error loading sensor" can you tell me please what are the problems?
Primary-FW(config)# sh module ips
Mod Card Type Model Serial No .
---- -------------------------------------------- ------------------ --------- --
ips Unknown N/A FCH20427L GX
Mod MAC Address Range Hw Version Fw Version Sw Version
---- --------------------------------- ------------ ------------ ------------- --
ips a0e0.af52.cb3b to a0e0.af52.cb3b N/A N/A 7.1(7)E4
Mod SSM Application Name Status SSM Application Version
---- ------------------------------ ---------------- ------------------------- -
ips IPS Up 7.1(7)E4
Mod Status Data Plane Status Compatibility
---- ------------------ --------------------- -------------
ips Up Up
Mod License Name License Status Time Remaining
---- -------------- --------------- ---------------
ips IPS Module Disabled perpetual
08-20-2020 02:26 AM
At this stage we are not sure what was the issue,
If you could able to console to IPS, if you have maintenance window, reload the module and see of that fix the issue.
also check the IPS logs you have any indications
08-20-2020 01:06 PM
I did it several times. but result is same.
08-20-2020 01:50 PM
I am afraid to have any further suggestions - moving forward opening a cisco TAC case for a quick resolution.
08-20-2020 07:45 PM
You are looking at the old style past-end-of-life IPS sensor, not the current Firepower service module (sfr).
In either case the module uses the ASA's physical management interface to communicate for purposes of ASDM, updates etc. Can you confirm that the management interface is physically connected and that you can reach the sesnor itself directly via the address indicated? (not via the ASA address but via the sensor address)
08-21-2020 02:40 AM
08-21-2020 04:28 AM
Sorry appolgies for the late reply.
So you able to access from console ? not able to access from ASDM
Can you post relavent configuraiton from ASA - correct Manangement VLAN allowed with the command "allow-ssc-mgmt"
or suggest to read this :
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide