Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1267
Views
0
Helpful
5
Replies

Problem with VMS 2.2 w/ IDS MC 1.2.3

zeremy
Level 1
Level 1

‎12-15-2004 11:13 PM - edited ‎03-10-2019 01:11 AM

Hi,

We've been trying to get our new Cisco IDS 4235 sensor + VMS Basic to work for the last few days but with no success:

1) Install CiscoWorks VMS Common Services 2.2 with SP2 with the supplied vms 2.2 startup disk

2) Install IDS MC 1.2.3 from the startup disk

3) Upgrade our IDS 4235 to the latest IDS signature

- upgrade from 4.1(1)S47 to sp-4.1-4-S91

- upgrade from sp-4.1-4-S91 to sig-4.1-4-S131

4) Apply IDS-sig-4.1-4-S131.zip Sig Update on IDS MC 1.2.3

5) Successfully add our ids-4235 sensor with IDS MC using auto discover setting

6) IDS Security Monitor shows TLS-Connected status, etc

The issues we're facing:

1) unable to view any generated reports

- it's forever under the scheduled report tab

2) unable to view any ids events

The funny thing was we managed to generate and view reports on our first installation but an ids signature update went wrong forced us to reinstall the whole thing (including Win2k).

Is it because we apply IDS-sig-4.1-4-S131.zip without applying the sp-4.1-4-S91 on the IDS MC first?

IS the IDS MC 1.2.3 download available at cisco.com the same version as the one included in the startup disk? ( I think ours was IDS MC 1.2.3.1224)

Do I need to apply the Update 1 patch?

( I don't think so since we're already on CS 2.2 w/ SP2 )

Many thanks for any help.

Labels:
0 Helpful
5 Replies 5

Krystian9
Level 1
Level 1

‎12-16-2004 12:22 AM

Go directly to the IDS Device Manager panel (not the VMS) and check whether the sensor is generating reports. If its ok check VMS logs(audit log?) for errors in communicating with IDS/generating SecMon view.

I had couple updates go wrong, the only thing to do was to reimage the sensor and reinstall all updates on it.

You can try to protect your self from future problems with updates, try searching the forum for the link provided by cisco employee, which gives a 4-1(4)e patch to the sensor, which *might* fix the problem with later updates :)

0 Helpful

milan.kulik
Level 10
Level 10

‎12-20-2004 02:10 AM

Try to upgrade your VMS to IDS MC 2.0.

It's available on CCO and has some bugs fixed.

Regards,

Milan

0 Helpful

milan.kulik
Level 10
Level 10
In response to milan.kulik

‎12-20-2004 05:44 AM

Sorry, it's not available anymore, waiting for bug CSCeg51162 fix in 2.0.1 version.

Regards,

Milan

0 Helpful

zeremy
Level 1
Level 1
In response to milan.kulik

‎12-20-2004 04:57 PM

We seems to solve our strange problem without knowledge yesterday (restart ciscoworks?). Everything seems to be working fine so far. The Reports and Event Viewer working fine. Next, we're working on the ids shun feature & CSA on our VMS Server. Thanks!

Kind Regards,

Md Zeremy

0 Helpful

bernhard
Level 1
Level 1
In response to milan.kulik

‎01-13-2005 07:26 AM

Please note that IDSMC v2.0.1 and its release notes are now available on CCO at:

http://www.cisco.com/cgi-bin/tablebuild.pl/mgmt-ctr-ids-app

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card