Re: Connecting to NME-IPS results in connecting to cisco router

lpdamamity · ‎12-12-2012

Suddenly, without any clear reason, I cannot access the NME-IPS in my router.

Instead it connects to the router console.

The IP address is also pingable.

Output:

gateway#service-module IDS-Sensor 1/0 status

Service Module is Cisco IDS-Sensor1/0

Service Module supports session via TTY line 66

Service Module is in Steady state

Service Module heartbeat-reset is enabled

Getting status from the Service Module, please wait..

Cisco Systems Intrusion Prevention System Network Module

Software version: 7.0(6)E4

Model: NME-IPS

Memory: 443504 KB

Mgmt IP addr: 192.168.11.99

Mgmt web ports: 443

Mgmt TLS enabled: true

gateway#service-module IDS-Sensor 1/0 session

Trying 192.168.11.99, 2066 ... Open

C

-----------------------------------------------------------------------

Cisco Router and Security Device Manager (SDM) is installed on this device.

This feature requires the one-time use of the username "cisco"

with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.

Here are the Cisco IOS commands.

username <myuser> privilege 15 secret 0 <mypassword>

no username cisco

Replace <myuser> and <mypassword> with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START

GUIDE for your router or go to http://www.cisco.com/go/sdm

-----------------------------------------------------------------------

User Access Verification

Username:

turnera · ‎12-12-2012

Looks as though you may have an open session that you are unaware of. Try the "cont-shift-6 disconnect" and see if that does not clear things up for you. You can also try telnetting directly to the NME-IPS module instead of sessioning into it.

Or reboot the box if that does not clear it up.

lpdamamity · ‎12-12-2012

I turnera,

Thans for replying!

I disconnected the session. No result

When I telnet from subnet 192.168.6.0/24 (through the router) to 192.168.11.99 i get the cisco router login

I have the two subnets on the same physical network.

When I try to ping form a system with just a 192.168.11.0/24 address I do nbot get a result!

Can I check the IPS external network status?

Regards!

lpdamamity · ‎12-12-2012

Another thing:

When I login though the session. And wait a while ... and give an enter .... I get the IDS login.

And I can get in....

Weird?!

turnera · ‎12-12-2012

Ok, so what you are experiencing is how the sessioning and login works.

Try this:

service-module IDS-Sensor 1/0 session

enter username

enter password

hit return

hit return again ( do not wait for a prompt prior to hitting return the second time.)

You should then be at the NME module prompt.

This is normal.

lpdamamity · ‎12-12-2012

OK, so that looks normal.

But I cannot acccess it by ssh https. Also IME is not connecting.

Regards

turnera · ‎12-12-2012

If IME is not connecting, is it giving you some sort of error?

Do you have ASDM launcher loaded? if so, does it also fail to connect?

When you launch IME are you prompted for a password, is that failing on the password entry or does it simply fail to connect to the device?

I have not been able to access my NME via https either, I get a Java error, but I pretty much always use Cisco IME to access my NME module so I have not chased down the Java issue.

Connecting to NME-IPS results in connecting to cisco router itself