ASA modul IPS issue unkown (urgent)

Ibrahim Bhuiyan · ‎08-19-2020

See the below result of #Show module ips details

Card Type: Unknown
Model: N/A
Hardware version: N/A
Serial Number: FCH2042XXX
Firmware version: N/A
Software version: 7.1(7)E4
MAC Address Range: a0e0.af52.cb3b to a0e0.af52.cb3b
App. name: IPS
App. Status: Up
App. Status Desc: Normal Operation
App. version: 7.1(7)E4
Data Plane Status: Up
Console session: Ready
Status: Up
License: IPS Module Disabled perpetual
Mgmt IP addr: 192.168.1.2
Mgmt Network mask: 255.255.255.0
Mgmt Gateway: 192.168.1.1
Mgmt web ports: 443
Mgmt TLS enabled: true
Primary-FW#

Please see the first 3 line of orange color. result showed are unkown. what is the reason?

balaji.bandi · ‎08-19-2020

is that working one failed or is this new installation or any upgrades?

what is the outcome of #session sfr console?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Ibrahim Bhuiyan · ‎08-19-2020

with console i can connect to ips sensor. what for this was unkown message?

Note: I can connect through ASDM_IDM to IPS. IP block is same as network. but shows "error connecting to sensor: error loading sensor" can you tell me please what are the problems?

Primary-FW(config)# sh module ips

Mod Card Type Model Serial No .
---- -------------------------------------------- ------------------ --------- --
ips Unknown N/A FCH20427L GX

Mod MAC Address Range Hw Version Fw Version Sw Version
---- --------------------------------- ------------ ------------ ------------- --
ips a0e0.af52.cb3b to a0e0.af52.cb3b N/A N/A 7.1(7)E4

Mod SSM Application Name Status SSM Application Version
---- ------------------------------ ---------------- ------------------------- -
ips IPS Up 7.1(7)E4

Mod Status Data Plane Status Compatibility
---- ------------------ --------------------- -------------
ips Up Up

Mod License Name License Status Time Remaining
---- -------------- --------------- ---------------
ips IPS Module Disabled perpetual

balaji.bandi · ‎08-20-2020

At this stage we are not sure what was the issue,

If you could able to console to IPS, if you have maintenance window, reload the module and see of that fix the issue.

also check the IPS logs you have any indications

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Ibrahim Bhuiyan · ‎08-20-2020

I did it several times. but result is same.

balaji.bandi · ‎08-20-2020

I am afraid to have any further suggestions - moving forward opening a cisco TAC case for a quick resolution.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Marvin Rhoads · ‎08-20-2020

You are looking at the old style past-end-of-life IPS sensor, not the current Firepower service module (sfr).

In either case the module uses the ASA's physical management interface to communicate for purposes of ASDM, updates etc. Can you confirm that the management interface is physically connected and that you can reach the sesnor itself directly via the address indicated? (not via the ASA address but via the sensor address)

Ibrahim Bhuiyan · ‎08-21-2020

Yes managent interface is connected and up. and I can ssh to the sensor successfully but not access through ASDM.

balaji.bandi · ‎08-21-2020

Sorry appolgies for the late reply.

So you able to access from console ? not able to access from ASDM

Can you post relavent configuraiton from ASA - correct Manangement VLAN allowed with the command "allow-ssc-mgmt"

or suggest to read this :

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/97405-aipssm-unresponsive.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help