02-21-2014 03:26 AM - edited 03-10-2019 06:09 AM
Guys, this is my first attempt at setting up IPS and I am obviously missing a trick. No matter what IP address I apply to the sensor, I cannot attach.
I am expecting to be able to attach to the IPS via the FW inside interface. Thanks in advance.
ASA - 192.168.205.2
GW - 192.168.205.1
IDS - 192.168.205.3
Mod  Card Type                                    Model              Serial No.
---- -------------------------------------------- ------------------ -----------
   0 ASA 5525-X with SW, 8 GE Data, 1 GE Mgmt, AC ASA5525
 ips ASA 5525-X IPS Security Services Processor   ASA5525-IPS
cxsc Unknown                                      N/A
Removed the name from the config as per the instructions
interface GigabitEthernet0/1
 duplex full
 nameif INSIDE
 security-level 100
 ip address 192.168.205.2 255.255.255.0
interface Management0/0
 management-only
 no nameif
 security-level 100
 ip address 192.168.1.1 255.255.255.0
Tried the following IP settings. Even tried 192.168.205.3/24,192.168.205.2 (ASA inside)
service host
 network-settings
  host-ip 192.168.1.1/24,192.168.1.2
  host-name xxxx-IPS
  telnet-option disabled
  sshv1-fallback enabled
  access-list 192.168.0.0/16
  access-list 192.168.1.0/24
service host
 network-settings
  host-ip 192.168.205.3/24,192.168.205.1
  host-name RLJEUK-IPS
  telnet-option disabled
  sshv1-fallback enabled
  access-list 192.168.0.0/16
  access-list 192.168.1.0/24
Traffic is obviously detected but I am missing something
Interface Statistics
Total Packets Received = 616301
Total Bytes Received = 48071478
Missed Packet Percentage = 0
MAC statistics from interface Management0/0
Interface function = Command-control interface
Description =
Media Type = TX
Default Vlan = 0
Link Status = Up
Link Speed = Auto_1000
Link Duplex = Auto_Full
Total Packets Received = 0
Total Bytes Received = 0
Total Multicast Packets Received = 0
Total Receive Errors = 0
Total Receive FIFO Overruns = 0
Total Packets Transmitted = 2850
Total Bytes Transmitted = 119700
Total Transmit Errors = 0
Total Transmit FIFO Overruns = 0
MAC statistics from interface PortChannel0/0
Interface function = Sensing interface
Description =
Media Type = backplane
Default Vlan = 0
InlineMode = Unpaired
Pair Status = N/A
Hardware Bypass Capable = No
Hardware Bypass Paired = N/A
Link Status = Up
Admin Enabled Status = Enabled
Link Speed = N/A
Link Duplex = N/A
Missed Packet Percentage = 0
Total Packets Received = 616301
Total Bytes Received = 48071478
Total Packets Transmitted = 616301
Total Bytes Transmitted = 48071478
Interface Statistics
Total Packets Received = 616301
Total Bytes Received = 48071478
Missed Packet Percentage = 0
02-21-2014 03:38 AM
Sorry, forgot some basic info. The error message reported is:
"Error connecting to sensor. Error loading sensor"
The ASA can reach the Gateway 205.1 and itself 205.2 obviously.
The IPS can ping itself (205.3). 205.2 and 205.1 fail.
02-21-2014 07:56 AM
Not sure if your problem is with the configuration of the Management interface or not, but the configuration below is how we have the management interface configured on one of the 5545-X ASAs with IPS we manage, and I'm able to connect via ssh to the command line and through the GUI too. Your service host settings look ok to me, although we do not have sshv1-fallback enabled on any of the IPS devices we manage.
interface Management0/0
 description "ips mgmt interface"
 management-only
 no nameif
 no security-level
 no ip address
Jon.
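As an added example (not written by anyone in this thread, and not Cisco code), the following Python sketch runs basic IP sanity checks on the sensor host-ip values tried above against the ASA interface addresses that were posted. The client address 192.168.205.50 is a hypothetical management workstation; the checks cover addressing and the sensor access-list only, not cabling or the ASA side of Management0/0.

```python
import ipaddress
import re

# Constructed from the interface addresses posted in this thread.
ASA_CONFIG = """\
interface GigabitEthernet0/1
 nameif INSIDE
 ip address 192.168.205.2 255.255.255.0
interface Management0/0
 management-only
 no nameif
 ip address 192.168.1.1 255.255.255.0
"""

def asa_addresses(config):
    """Map each ASA interface name to its configured IPv4 address."""
    found, current = {}, None
    for line in config.splitlines():
        line = line.strip()
        if line.startswith("interface "):
            current = line.split()[1]
        m = re.match(r"ip address (\S+) (\S+)$", line)  # skips 'no ip address'
        if m and current:
            found[current] = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
    return found

def check_host_ip(host_ip, access_lists, asa_config, client):
    """Return findings for one sensor 'host-ip address/len,gateway' value."""
    addr, gw = host_ip.split(",")
    sensor, gateway = ipaddress.ip_interface(addr), ipaddress.ip_address(gw)
    findings = []
    if gateway not in sensor.network:
        findings.append(f"gateway {gateway} is outside {sensor.network}")
    if gateway == sensor.ip:
        findings.append("gateway equals the sensor's own address")
    for name, iface in asa_addresses(asa_config).items():
        if iface.ip == sensor.ip:
            findings.append(f"sensor address {sensor.ip} is also configured on ASA {name}")
    nets = [ipaddress.ip_network(a) for a in access_lists]
    if not any(ipaddress.ip_address(client) in n for n in nets):
        findings.append(f"client {client} is not permitted by the sensor access-list")
    return findings

ACLS = ["192.168.0.0/16", "192.168.1.0/24"]   # sensor access-list entries from the thread
CLIENT = "192.168.205.50"                     # hypothetical management workstation
for candidate in ("192.168.1.1/24,192.168.1.2", "192.168.205.3/24,192.168.205.1"):
    print(candidate, check_host_ip(candidate, ACLS, ASA_CONFIG, CLIENT) or "no findings")
```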