Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
813
Views
0
Helpful
1
Replies

ips 4510 error adding trusted host.

jamoser
Level 1
Level 1

‎05-06-2013 05:33 PM - edited ‎03-10-2019 05:57 AM

Hello.

I'm trying to get event logs from my ips 4510 into splunk.

When I add the host on which splunk is running as a "trusted host" I get the error:

Cannot add #.#.#.# as a trusted host.  errTransport-socket connect failed [4,111]

There are no firewalls enabled on the splunk host.

On the splunk side, I've installed Cisco Security Suite and Cisco IPS applications.

The splunk logs show it's able to connect to the host, but then throws the following error:

URLError: <urlopen error Tunnel connection failed: 503 Service Unavailable>.

Not sure at this point if I need to configure something else before being able to add the splunk host as a trusted host?

Any info appreciated.

Thanks.

Labels:
0 Helpful
1 Reply 1

sokakkar
Cisco Employee
Cisco Employee

‎05-08-2013 12:15 PM

Hi Jamoser,

Could you try to ping the IPS from client? If it works, can you check there is no device in traffic path blocking TCP 443 to IPS? Can you do a capture on IPS to see if request on TCP 443 is indeed reaching the IPS?

-

Sourav

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card