Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
One sensor will not update, tried to delete sensor from VMS IDS-MC, but get error saying there is a change pending. However, can't find any pending changes. Was told there is a script I could run to solve this issue, but can't locate it. Any Suggesti...
Certificate on IDSM Console expired. Created new certificate, then deleted and add IDS Sensor using discovery. Login to IDS sensor verified clock on matched IDSM Console, then removed trusted-host and re-add to generate new certificate. Cert on senso...
It appears that the IDS services on my CSPM 2.3.3i(Windows NT) machine is no longer running. I have not been able to discover why these services won't start. I was wondering if anyone has experienced this type of problem before and could offer any su...
I believe there is a known bug that causes this type of issue, which was fix in patch level g. What patch level are you at? Currently patch level h is available.http://www.cisco.com/cgi-bin/tablebuild.pl/ids-patches
Thanks for your response. It appears old cert was being cache somewhere. Once I stopped and started crmdmgtd service, sensors were able to grab new cert.
Thanks for your response. I believe you're correct about it being VMS cert. Used keytool -printcert -file ./server.cert to veiw newly created cert, which is now good for 10 years. Already tried your suggestion of removing VMS trusted-host on sensor a...
I had a very similar problem and ended up moving everything back to S21. Uninstalling S22 was very easy and worked without any problems on the sensors. However, this was not the case with the Policy Manager, and I had to re-install CSPM before I coul...
Thanks for your advice. I have 5 services running on each of my netrangers, they are nr.configd, nr.packetd, nr.postofficed, nr.fileXferd, and nr.sapdI trimed the logfiles as you suggested, which were getting to big.However, I'm still getting the sam...
