Re: IOS IPS and SDM 2.2.a

hquiros · ‎11-24-2005

Hello everybody!,

I have installed a Cisco 2821 Router with 12.4(4)T IOS version. And SDM V2.2.a. (enteprise service IOS image).

The router have 256MB Ram and 64MB flash memory.

From the SDM Interface cannot upload any .sdf file and cannot edit the signatures and tune de IOS IPS.

Do you know how i can fix that problem?.

Thanks for the answers friends.

jason.whiteaker · ‎11-25-2005

I'm also experiencing a similar problem...

I have a 1760 that I'm trying to install the SDM files onto, however, I simply get an error that RCP is denied. I did a packet trace and I see SDM login to the router, issue some rcmd commands, then try to open a TCP connection to destination port 514 (shell). The router sends a RST back to SDM as if the service isn't available, or, blocked by policy. I've tried simply issuing "ip rcmds rcp-enable" and the "remote-host" options - all to no avail.

I don't have any ACL's defined...this is a test install. I'm running 12.4 with IOS FW, IPS, etc.

Nothing seems to work! What am I missing? This is my first experience with 12.4. Arrgh!

-Jason

sikrishn · ‎12-16-2005

Hi,

In the recent releases of ios images any RCP client request that uses non-privileged port (> 1023) will be denied access to RCP server running on the device.

If SDM happens to use this non-privileged port when it connects to router this problem will happen.

You need to get newer version of SDM software which has this problem fixed.

Thanks

Siva.

sikrishn · ‎12-18-2005

Hi,

To add more info, here is the info on defect filed on SDM for RCP issue and workaround suggested.

Symptoms:

Issue 1) Installation of SDM version 2.2a or earlier on a router fails with RCP failure message.

Issue 2) "Load File from PC" feature of File Management dialog in SDM version 2.2a or earlier

fails.

Conditions:

These issues will be encountered for IOS images 12.4(4)T and above.

SDM uses RCP for installation operations. This problem occurs because the fix for CSCdu34824 in

recent Cisco IOS releases has changed RCP behavior. Because of this change, if the RCP client

uses a non-privileged port , the router RCP server does not respond and the above issues occur.

Workaround:

1) For Issue 1 :- Use the copy tftp flash command to copy SDM related files from PC to router.

2) For Issue 2 :- Use the copy tftp flash command to copy the required file from PC to router.

sikrishn · ‎12-16-2005

Hi,

Please let me know answers to the following questions.

- what is the name of the image that you are running on the device

- when you click on "Intrusion Prevention" tab in SDM do you see "Create IPS" and "Edit IPS" tabs

- explain the exact problem step by step.

- Do you see any message saying that IPS is not supported on this image. etc.

- If you dont get any such message please check you have enabled http/https service enabled on the device, if not enabled, enable and then try.

Thanks

Siva.

hquiros · ‎03-13-2006

Hello, sorry by the later response,

The image is 12.4.6T

when I click on Intrusion Prevention I see the Create IPS and Edit IPS tabs

The problem is when i try to edit IPS signatures, i dont see anything in the signatures sub-window.

Thanks for your help, the http and http services is enabled. When i do the command sho ip sdee alerts i see all events. But from the router SDM not see anything. What is the last version of SDM?.