05-13-2011 11:38 AM - edited 03-10-2019 05:21 AM
Hello!
We imaged and IDSM-2 with the latest 7.x code and went thru setup, but cannot access the GUI. We get a "page cannot be displayed". You can ping it fine from inside and outside the subnet and the access-list permits the subnet. going into config mode and viewing the stats on the web-server it states it's operating on TCP/443 and is up.
any ideas? am i missing something here?
05-18-2011 06:40 AM
Hi Ben,
Could you check from the "show ver" of your IDSM that the mainapp is in running state?
IPS# sh ver
Application Partition:
Cisco Intrusion Prevention System, Version 6.2(3)E4
Host:
Realm Keys key1.0
Signature Definition:
Signature Update S510.0 2010-08-25
OS Version: 2.4.30-IDS-smp-bigphys
Platform: IPS4270-20-K9
Serial Number: USE726N451
No license present
Sensor up-time is 29 days.
Using 1885556736 out of 4029317120 bytes of available memory (46% usage)
application-data is using 42.6M out of 174.7M bytes of available disk space (26% usage)
boot is using 40.9M out of 75.9M bytes of available disk space (57% usage)
MainApp E-ECLIPSE_2010_SEP_01_15_35_6_2_2_24 (Ipsbuild) 2010-09-01T15:36:59-0500 Running
AnalysisEngine E-ECLIPSE_2010_SEP_01_15_35_6_2_2_24 (Ipsbuild) 2010-09-01T15:36:59-0500 Running
CLI E-ECLIPSE_2010_SEP_01_15_35_6_2_2_24 (Ipsbuild) 2010-09-01T15:36:59-0500
Upgrade History:
IPS-K9-6.2-3-E4 17:43:06 UTC Wed Sep 01 2010
Recovery Partition Version 1.1 - 6.2(3)E4
Host Certificate Valid from: 27-Apr-2010 to 27-Apr-2012
IPS#
If that is the case, can you login to your blade from the service user and issue a "netstat -a" to make sure that the blade is listening on port 443?
-bash-2.05b$ netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:telnet *:* LISTEN
tcp 0 0 10.48.67.102:https *:* LISTEN
udp 0 0 *:snmp *:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 4 [ ] DGRAM 179 /dev/log
unix 2 [ ] DGRAM 131250456
unix 2 [ ] DGRAM 220
-bash-2.05b$
Could you also try to telnet to the blade on port 443 and see if the 3WHS completes?
Regards,
Nicolas
05-18-2011 10:16 AM
got this resolved with TAC - it was an IE issue. Aye. thanks!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide