Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
453
Views
0
Helpful
1
Replies

Error Adding a Blocking Device (PIX)

Go to solution
admin_2
Level 3
Level 3

‎07-16-2003 02:17 PM - edited ‎02-20-2020 10:51 PM

hi!

Thanks for the quick response.

Now, I get the following error when I try to add a blocking device to my IDS sensor:

Error: errNotFound Net device references a shun device config record that does not exist. Attempted configuration update was rejected. [0,3]

Any idea why this error is generated?

The sensor knows the firewall's IP, the username, the enable password, and the remote access password. SSH is enabled on the firewall. I tried adding the firewall as a trusted host, but I get the error:

Error: socket connect failed [4,111]

Any help would be appreciated. Thanks!

Bercy

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marcabal
Cisco Employee
Cisco Employee

‎07-16-2003 02:55 PM

I assume this is a version 4.0 or 4.1 sensor??

If so then the first error "Error: errNotFound Net device references a shun device config record that does not exist. Attempted configuration update was rejected. [0,3]" is fairly easy to explain.

The username and password information is configured as a "shun device configuration" that you give your own made up name to.

Then when you add in the Pix as a device to be managed you will specifically reference your previously created "shun device configuration" (the name you made up).

Not quite sure what the second error is.

I assume you are running the command:

configure terminal

ssh host-key 10.1.1.1

(replacing 10.1.1.1 with your pix address)

It will establish an ssh connection to your pix and

display the server key. You will need to accept the key if it is correct.

If you don't accept the key then NAC will not be able to connect to the Pix using SSH.

NOTE: The Pix may also need to be configured to accept ssh connections from the sensor.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
marcabal
Cisco Employee
Cisco Employee

‎07-16-2003 02:55 PM

I assume this is a version 4.0 or 4.1 sensor??

If so then the first error "Error: errNotFound Net device references a shun device config record that does not exist. Attempted configuration update was rejected. [0,3]" is fairly easy to explain.

The username and password information is configured as a "shun device configuration" that you give your own made up name to.

Then when you add in the Pix as a device to be managed you will specifically reference your previously created "shun device configuration" (the name you made up).

Not quite sure what the second error is.

I assume you are running the command:

configure terminal

ssh host-key 10.1.1.1

(replacing 10.1.1.1 with your pix address)

It will establish an ssh connection to your pix and

display the server key. You will need to accept the key if it is correct.

If you don't accept the key then NAC will not be able to connect to the Pix using SSH.

NOTE: The Pix may also need to be configured to accept ssh connections from the sensor.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card