Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
936
Views
0
Helpful
0
Comments

The user cannot use the PIX as a blocking device with Telnet or SSH after enabling shunning on IDS 4215 version 4.1

TCC_2
Level 10
Level 10

‎06-22-2009 06:06 PM - edited ‎03-08-2019 06:26 PM

Core issue

This happens when the ssh host key is not present in the pix.

Resolution

Log into the Intrusion Detection Sensor (IDS) using the service account and Secure Shell (SSH) to the PIX Firewall. This process provides the ability to accept the host key.

Once this is done, a manual shun is performed successfully. There is output from the show shun command that corresponds to the manual shun event configured on the IDS. Refer to the IDS show stat net command output. The shun should be "State=Active".

Refer to the Blocking section of Troubleshooting Sensor for further information on IDS blocking issues.

Problem Type

Connectivity to the device

Product Family

IDS/IPS - 4200 series sensor

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents