Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

661
Views
0
Helpful
5
Replies
zeremy
Beginner
Beginner
‎12-15-2004 11:13 PM
‎12-15-2004 11:13 PM

Problem with VMS 2.2 w/ IDS MC 1.2.3

Hi,

We've been trying to get our new Cisco IDS 4235 sensor + VMS Basic to work for the last few days but with no success:

1) Install CiscoWorks VMS Common Services 2.2 with SP2 with the supplied vms 2.2 startup disk

2) Install IDS MC 1.2.3 from the startup disk

3) Upgrade our IDS 4235 to the latest IDS signature

- upgrade from 4.1(1)S47 to sp-4.1-4-S91

- upgrade from sp-4.1-4-S91 to sig-4.1-4-S131

4) Apply IDS-sig-4.1-4-S131.zip Sig Update on IDS MC 1.2.3

5) Successfully add our ids-4235 sensor with IDS MC using auto discover setting

6) IDS Security Monitor shows TLS-Connected status, etc

The issues we're facing:

1) unable to view any generated reports

- it's forever under the scheduled report tab

2) unable to view any ids events

The funny thing was we managed to generate and view reports on our first installation but an ids signature update went wrong forced us to reinstall the whole thing (including Win2k).

Is it because we apply IDS-sig-4.1-4-S131.zip without applying the sp-4.1-4-S91 on the IDS MC first?

IS the IDS MC 1.2.3 download available at cisco.com the same version as the one included in the startup disk? ( I think ours was IDS MC 1.2.3.1224)

Do I need to apply the Update 1 patch?

( I don't think so since we're already on CS 2.2 w/ SP2 )

Many thanks for any help.

Labels:
0 Helpful
5 REPLIES 5
Krystian9
Beginner
Beginner
‎12-16-2004 12:22 AM
‎12-16-2004 12:22 AM

Go directly to the IDS Device Manager panel (not the VMS) and check whether the sensor is generating reports. If its ok check VMS logs(audit log?) for errors in communicating with IDS/generating SecMon view.

I had couple updates go wrong, the only thing to do was to reimage the sensor and reinstall all updates on it.

You can try to protect your self from future problems with updates, try searching the forum for the link provided by cisco employee, which gives a 4-1(4)e patch to the sensor, which *might* fix the problem with later updates :)

0 Helpful
milan.kulik
Advocate
Advocate
‎12-20-2004 02:10 AM
‎12-20-2004 02:10 AM

Try to upgrade your VMS to IDS MC 2.0.

It's available on CCO and has some bugs fixed.

Regards,

Milan

0 Helpful
milan.kulik
Advocate
Advocate
In response to milan.kulik
‎12-20-2004 05:44 AM
‎12-20-2004 05:44 AM

Sorry, it's not available anymore, waiting for bug CSCeg51162 fix in 2.0.1 version.

Regards,

Milan

0 Helpful
zeremy
Beginner
Beginner
In response to milan.kulik
‎12-20-2004 04:57 PM
‎12-20-2004 04:57 PM

We seems to solve our strange problem without knowledge yesterday (restart ciscoworks?). Everything seems to be working fine so far. The Reports and Event Viewer working fine. Next, we're working on the ids shun feature & CSA on our VMS Server. Thanks!

Kind Regards,

Md Zeremy

0 Helpful
bernhard
Beginner
Beginner
In response to milan.kulik
‎01-13-2005 07:26 AM
‎01-13-2005 07:26 AM

Please note that IDSMC v2.0.1 and its release notes are now available on CCO at:

http://www.cisco.com/cgi-bin/tablebuild.pl/mgmt-ctr-ids-app

0 Helpful
Latest Contents
Email Security - QuoVadis Root Certificate Decommission Migh...
Created by dmccabej on 03-30-2021 09:32 AM
0
0
0
0
Problem Description For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b... view more
ISE REST APIs Webinar: April 6/7, 2021
Created by thomas on 03-25-2021 07:57 PM
1
5
1
5
  Register Now Automation and programmability for networking and security are increasingly important topics. Every release since ISE 1.2 has included new REST API capabilities to better automate and integrate ISE with the rest of your network, appli... view more
FMT 2.3.4 adding ASA migrations of S2S VPN in public beta
Created by William_Hansch on 03-22-2021 08:00 AM
1
10
1
10
The latest iteration (v2.3.4) of the Cisco Secure Firewall Migration Tool adds public beta support for S2S VPN migrations from ASA: Policy-based (crypto map) Pre-Shared key authentication type VPN configuration to Firepower Management Center VP... view more
What's New for Cisco Defense Orchestrator (CDO)
Created by Andrew Mallio on 03-22-2021 04:40 AM
1
40
1
40
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.  We make improvement... view more
ISE Data limiting best practices
Created by Jonathan Casillas on 03-18-2021 04:34 PM
0
5
0
5
Intro This document presents the ISE data limiting best practices that can dramatically improve the system performance on ISE. Symptoms Your deployment may be impacted if the alarms tab on ISE shows High load average, high CPU or high memoy usage alarm... view more
Content for Community-Ad