IDS 4125 , web interface access, CLI access, monitoring
I knew that we can use ciscowork 2000 to monitor IDS.
1- But can I use Cisco security agent to monitor IDS as well ?
2- Are there any other software for monitoring IDS beside ciscowork 2000 ?
3- Does IDS 4125 itself have web interface for monitoring ?
4- We have got IDS 4125 at work (production line), I tried to access it through web interfaces, I tried all of these without any success:
https(with s)://192.168.x.x,and https(with s)://192.168.x.x:443, http(without s)://192.168.x.x, I could not, then I tried to access it through console without any success.
I can telent to it.
Regards
Regards
1) No. CSA is a host based IDS. Do you mean Cisco Security Manager? I'm not positive, but I don't think the CSM supports event monitoring like the old CiscoWorks/VMS did.
http://www.cisco.com/en/US/customer/products/ps6498/products_data_sheet0900aecd803ffd5c.html
2)Here are the Cisco tools:
IDS Event Viewer (free): http://www.cisco.com/cgi-bin/tablebuild.pl/ips-ev
CSMARS: http://www.cisco.com/en/US/products/ps6241/index.html
CiscoWorks SIM(netforensics): http://www.cisco.com/en/US/products/sw/cscowork/ps5209/index.html
Otherwise, just do a google search for "Security Event Management" or similar. The Cisco IDS/IPS has enough market share that most vendors support them.
3) I'm not familiar with that model. Do you mean 4215? The 5.x version has an event monitoring web interface. I don't remember if the 4.x code does.
4) By default, the 5.x sensor will be listening on tcp port 443 for https connections and tcp port 22 for ssh connections. telnet is disabled by default. These can all be modified though.
Similar Messages
-
Cisco Prime 2.0 web interface access
We just installed Cisco Prime Infrastructure 2.0 Express. It seemed to have installed correctly? But Two oddities. First when the system is restarted it takes and inordinate amount of time before the web interface becomes available. Once the web service is responding, it will not except ANY login credentials.
I can ssh to the instance and using cli, added two additional accounts. All accounts can access the install instance using ssh. None are able to login to the webinterface.
Thoughts as to what I may have missed?
GabePlease login to the CLI as admin then execute the command to change the password for the root WebUI acccount
> ncs password root password Private123
Loading USER - root
Validating new password..
Resetting password ..
Resetting password COMPLETED.
EXECUTION STATUS : Success
Once you've changed this password please then try to use those credentials to login to
the WebUI you indicated was presented in your response above.
Let me know if this does it. If not, we'll need to go a little deeper::: -
Content Library / Web Interface - access issue
BPC Microsoft 7.5 SP6
Windows 2008 R2 server
We have puublished an Excel template as an HTML page to allow (web only users) access to a menuing system and have subsequent access to their individual reports in PDF format. The menu page comes up without errors but I encounter the error "You don't have access" when clicking on a menu option (cells within template). The cells contain an Excel Hyperlink function in conjunction with a EVBNV function to launch this report. (No BPC or excel errors exist within template)
We have created a virtual directory for BPC application in addition to Reports and ReportServer for Reporting Services. We have modified the Site Settings and Folder Setttings in Reporting Services configuration to allow web users to correct role access.Users can access Reporting services Report url without a problem but the web interface does not want to launch/retrieve a pdf file. We have the correct BPC task capabilities and task profiles assigned, insuring they can access and use the content library.
Thoughts?
Thanks in advance.It appears there is an issue with EVBNV formula and its ability to dynamically pass parameters in HTML format.
IM 0003554460/20111 -
SRW224G4P: no web interface access
Hi to all!
I've read many ppl having similar problem, but mine is a little bit different.
The web interface of my switch (SRW224G4P) used to work very well, but since some time it is not possible to access, it sends back a page that contains:
<html><body><script>window.close();</script></body></html>
On Safari and IE it closes the window (of course), on Chrome it stays blank.
If I try to access via HTTPS it raises a problem with certificate, saying the certificate is for sw0.ph.cube.lan (the previous name of the siwtch) and not for sw0.voip.cube.lan (the actual name). I suspected it could be something related to name change, but even going back to the previous setting does not resolve.
I've tried to reset to factory defaults, even reflashing with the same firmware version, but the problem is not solved yet.
HW: SRW224G4P
SW: 1.3.1
TIA
Andrea MistraliHi Andrea
You have done everything I would have tried, except have you upgrades your Internet explorer to a very recent Version ?
the datasheet shows that the unit supports only "Microsoft Internet Explorer (version 5.5 or later)" but I am thinking that it works best with IE6.
Maybe someone else has a better idea, but try using a IE version 6 and maybe not the more recent versions of IE.
If that fails, since the product has a "5-year limited hardware warranty with return to factory replacement and 90-day limited software warranty"
If the problem really is switch software on that switch, it sounds like a case for a replacement.
Contact the Small Business Support Center via the following URL.
http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
regards Dave -
SFE-2010P Crash on web interface access
Hello!
I have 1 SFE-2010P with latest factory installed firmware 2.0.1.80 3/06/2008.
It's configured to be on access mode for a remote branch.
It has a trunk with other Linksys switch, which has a trunk with a core Catalyst switch.
There are several VLAN's on the switch.
Management IP is on VLAN 201,and has ip 192.168.201.42.
Everything works great until I try to get an access to Web Interface of the switch. From different VLAN and subnet (192.168.3.0/24) I'm connecting through
Catalyst 3750 to 192.168.201.42 (a /24 subnet). I log in as valid user (admin), and when the browser points me to http://192.168.201.42/home.htm
switch REBOOTS!!!!
Telnet (Menu and LCLI mode) works great, and doesn't reboot the switch.
SFE-2010 is a great hardware, and it's a most powerful from Linksys's switches.
So I hope you'll help me.
P.S.
Here is my config:
interface ethernet g1
switchport mode trunk
exit
vlan database
vlan 10,30,108,201
exit
interface ethernet e27
switchport access vlan 10
exit
interface ethernet g1
switchport trunk allowed vlan add 10
exit
interface ethernet g1
switchport trunk allowed vlan add 30
exit
interface range ethernet e(1-12,14-26,28-48)
switchport access vlan 108
exit
interface ethernet g1
switchport trunk allowed vlan add 108
exit
interface ethernet e13
switchport access vlan 201
exit
interface ethernet g1
switchport trunk allowed vlan add 201
exit
interface vlan 10
name pp-a
exit
interface vlan 30
name av
exit
interface vlan 108
name veda8_lan
exit
interface vlan 201
name Management
exit
no ip dhcp snooping verify
interface vlan 201
ip address 192.168.201.42 255.255.255.0
exit
ip default-gateway 192.168.201.12If the management IP of your switch is 192.168.201.42, then it must be in VLAN 108 and not in VLAN 201 but assuming I didn't get it correctly, it seems that you're in the right track because as soon as you're asking to log-in to the admin page of the SFE switch, it means that you're using the correct and management PC of the switch. I would agree with you, you're supposed to access it and it shouldn't behave that way. Maybe you could still narrow down the setup of you network. I mean, maybe you could try changing the management VLAN or use the computer that is directly connected to that switch while accessing it. Thanks!
-
How can I access the we interface of this switch if it is configured to get its IP address from the DHCP server? Since it is DHCP I do not know what IP address has been assigned to it therefore I do not know what ip address to enter in the browser.
ThanksHello, Mr. Berenquel, The MAC should have been on a label on the Back or Bottom of the unit. Do you have access to the Switch? Another option would be to get a console cable and console into the switch. Once you do that you can see the IP address and MAC address.
Eric Moyers
Cisco Network Support Engineer
CCNA, CCNA-Wireless
1-866-606-1866 -
Prime Infrastructure 1.3 Can't start DB.Can't use WEB interface access
Hi,
Suddently, all services at prime infrastructure 1.3 are stopped. It's working fine previously. I try to restart the ncs service also doesn't help.
here is the ncs status:
PRIME01/netsvcsdm# ncs status
Health Monitor is running, with an error.
initHealthMonitor(): can not start DB
Reporting Server is Stopped
Ftp Server is Stopped
Database server is stopped
Tftp Server is Stopped
Matlab Server is Stopped
NMS Server is stopped.
SAM Daemon is not running ...
DA Daemon is not running ...
Syslog Daemon is not running ...
status
PRIME01/netsvcsdm# ncs start
Starting Network Control System...
Unable to verify hardware.
This may take a few minutes...
Health Monitor is already running.
Failure during Network Control System startup. Check launchout.log for details.
start
Note: I notice that the MEM LED at light path diagnostics panel components is lit. I check at cisco documentation, it indicate memory error. is it confirmed appliance issue?
Please advice. Thank youThank you for the reply. sorry for late update.
1. I try to reseat the memory card, MEM LED from diagnostic panel is not lit anymore. I think it solve the memory problem initially.
2. I use the following command to refresh the database
NCS stop
NCS DB reinitdb
NCS start
After reinitdb, I can login to prime infrastructure. it seems like the system is working fine. All of the configuration is gone. So, I proceed to restore the configuration.
3. Restore configuration
When I try to restore my configuration, I have the following error.
PRIME01/netsvcsdm# restore 2013-07-24_PRIME01-130724-1853.tar.gpg repository localftp application NCS
Restore may require a restart of application services. Continue? (yes/no) [yes] ? yes
Initiating restore. Please wait...
Stage 1 of 9: Transferring backup file ...
-- complete.
Stage 2 of 9: Decrypting backup file ...
-- complete.
Stage 3 of 9: Unpacking backup file ...
--complete.
ERROR : There is the mismatch in the following configuration parameter(s) of this machine when compared to the machine where the backup was generated: DB Memory Target, RAM Size -> can’t restore the configuration due to RAM size different.
ERROR : This may affect the performance of the current machine. Hence aborting restore process.
% Application restore failed
PRIME01/netsvcsdm#
PRIME01/netsvcsdm# show inventory
NAME: "PRIME-NCS-APL-K9 chassis", DESCR: "PRIME-NCS-APL-K9 chassis"
PID: PRIME-NCS-APL-K9 , VID: V02 , SN: KQ7T4TM
Total RAM Memory: 12141876 kB -> Appliance only detect the RAM memory as 12GB. Our Appliance has 16GB memory. I suspect 1 of 4 memory was spoiled.
I notice that the prime only detect 12GB RAM instead of 16GB. There is hardware failure (1 of 4 memory is spoil). Unit have to be RMA.
Thanks, -
Disabling Networked Printer Web Interfaces
Hello,
I did a search with my novice search skills and didn't find exactly what related to my issue. I have multiple virtual print servers on Win08 R2 with networked printers from different manufacturers. Is there a way other than going to each printer to
disable web interface access via host name or IP? I'm thinking possibly via GP.
ThanksSince the Web interface is a device feature and has nothing to do with Windows, that's something you need to configure at the device level.
Alan Morris Windows Printing Team -
E4200 Web interface port wont change
Howdy yall,
I was wondering if there are any known issues regarding the linksys e4200 web interface accessibility.
I am trying to configure the web interface for outside access, but i want the port to be: 2000
So i changed the port, but when i type my external IP in the webbrowser, without a port, i still get the username/password
prompt window. This is in the standart 80 port, even though i changed the port to 2000.
Also, when i type my external IP including port number 2000, the connection fails.
The problem is, the webserver in the router running the web interface, refuses to change to port 2000
It doesnt matter whether i restart the router after the change, or not.
Does anyone have any clue about the root of the problem ?Never mind, it appears that for some reason my browsers connect to the routers interface directly. no matter what url i use.
An online port scan reveiled that the port did in fact change, so there is no problem. -
Cisco RM-1252G-A-K9 can't access web interface
I hope I am in the correct forum for this topic?
For some reason I cannot access the web interface in order to configure this device. I have it connected to a router (DHCP). The router assigns an IP Address and I can ping it. If I attempt to go to that IP Address in any web browser. the page cannot be displayed. I've reset it several times. I have 2 of these and same problem. Am I missing something obvious? I sure hope so...Connecting to the Access Point Locally
If you need to configure the access point locally (without connecting it to a wired LAN), you can connect a PC to its console port by using a DB-9 to RJ-45 serial cable.
Follow these steps to open the CLI by connecting to the access point console port.
Step 1 Connect a nine-pin, female DB-9 to RJ-45 serial cable to the RJ-45 console port on the access point and to the COM port on the PC.
Step 2 Set up a terminal emulator on your PC to communicate with the access point. Use the following settings for the terminal emulator connection: 9600 baud, 8 data bits, no parity, 1 stop bit, and no flow control.
Assigning an IP Address Using the CLI
When you assign an IP address to the access point using the CLI, you must assign the address to the BVI. Beginning in a privileged EXEC mode, follow these steps to assign an IP address to the access point BVI using the console port:
Command
Purpose
Step 1
enable
Enter privileged EXEC mode.
Step 2
configure terminal
Enter global configuration mode.
Step 3
Interface bvi1
Enters interface configuration mode for the BVI.
Step 4
ip address address mask
Assigns an IP address and subnet mask address to the BVI.
Step 5
end
Return to privileged EXEC mode. -
For whatever reason I can telnet from another switch to the SG300 switch but not directly to the switch. I also can't access the web interface or ping the switch. Any help would be appreciated. Here is the running config
config-file-header
WasteWaterSG30010MPP
v1.3.5.58 / R750_NIK_1_35_647_358
CLI v1.0
set system mode switch
file SSD indicator encrypted
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end xxxxxxxxxxxxxxxxxxxxxxxx
vlan database
default-vlan vlan 2
exit
vlan database
vlan 2,75,200,999
exit
voice vlan id 200
voice vlan oui-table add ________
voice vlan oui-table add _phone_____________
voice vlan oui-table add ___________________
voice vlan oui-table add ______________
voice vlan oui-table add
voice vlan oui-table add ___________
voice vlan oui-table add ___
voice vlan oui-table add ______________
hostname WasteWaterSG30010MPP
line console
exec-timeout 0
exit
line telnet
password 382fda4a4a26e6637edac0eb8b8ba4581087d32d encrypted
exit
line console
password 382fda4a4a26e6637edac0eb8b8ba4581087d32d encrypted
exit
enable password level 15 encrypted 382fda4a4a26e6637edac0eb8b8ba4581087d32d
username admin password encrypted 382fda4a4a26e6637edac0eb8b8ba4581087d32d privi
lege 15
snmp-server location XXXXXXXX
snmp-server community String1 ro view Default
sntp server 172.16.2.1
ip telnet server
interface vlan 2
ip address 172.16.2.23 255.255.255.0
no ip address dhcp
interface gigabitethernet1
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode access
switchport access vlan 999
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
interface gigabitethernet2
spanning-tree portfast
switchport mode access
switchport access vlan 999
interface gigabitethernet3
spanning-tree portfast
switchport mode access
switchport access vlan 999
interface gigabitethernet4
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode access
switchport access vlan 999
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
interface gigabitethernet5
spanning-tree portfast
switchport mode access
switchport access vlan 999
interface gigabitethernet6
spanning-tree portfast
switchport mode access
interface gigabitethernet7
spanning-tree portfast
switchport mode access
switchport access vlan 999
interface gigabitethernet8
spanning-tree portfast
switchport mode access
switchport access vlan 999
interface gigabitethernet9
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 75,200,999
switchport trunk native vlan 2
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
interface gigabitethernet10
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 75,200,999
switchport trunk native vlan 2
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
exitA member of which VLAN ID is that device from which you trying to reach that switch?
Is that device directly connected to switch WasteWaterSG30010MPP? If yes, to which port?
If you are connecting from different VLAN than VLAN2, are you using routing between VLANs? Where is that routing device connected to?
> I also have another switch that connects to the network through this switch and am able to telnet to it.
that second switch member of same VLAN 2? Or management is part of different VLAN?
..too few information to be able to give you final answer. -
Problems access to a web application (Web Interface or Web report)
Hi,
We found problems with the access to web application. Some users have problems with direct links to the web applications(Web Interface or Web reporting), when they click on the link an error message appears, the message displays the following text:
"Cannot open file Bex?sap-language=ENbsplanguge=ENcmd=idoc_TE.."
Clicking in details the message is "No Access to specified file"
For this users the access to excel reporting is correct, the message appears when they click on the direct web links through the browser or directly in BW system, but if they type the URL they can access. Other users can use the direct web link without problems.
I highly appreciate any help or idea about how to solve this issue.
Thanks in advance.HI,
please ask to your basis that check the language of every single user on su01 tx.
This is the problem i think.
Natalia. -
Unable to Access CSACS 5.3 Web Interface...
Hi Everyone,
I wanted to note an issue I ran into today with our MS Windows 7 workstations and 2008 servers being unable to access the web management interface on our instance of ACS 5.3 and its solution, which is outlined below:
### The Problem ###
When I tried accessing the web management interface on our ACS 5.3 appliance, the browser was unable to connect. NMS applications showed that the device was up and I was able access it via SSH. I then tried connecting to 443 via telnet on my workstation and was successful in establishing a connection. I proceeded to issue the "show application status acs" command showed all associated processes running. I had a co-worker attempt to access it and he ran into the same issue. I then proceeded to restart the ACS application by stopping and starting the associated processes. After the processes were back up, attempts to connect to the web management interface still failed. I then proceeded to reboot the appliance. Again, after the applicance and processes were back up, attempts to connect continued to fail. As a last ditch effort I used a portable version of Firefox to connect and was then successfully able to connect.
### The Source ###
After additional troubleshooting, it was discovered that the MS Internet Explorer patch associated with MS Security Advisory 2661254 just so happened to be the culprit. This restricts the use of certificates with RSA keys less than 1024 bits in length. The default management certificate just so happens to be 512 bits in length.
### The Fix ###
Using FireFox, I navigated to System Administration > Configuration > Local Server Certificates > Local Certificates. I then proceeded to add a certificate in the following steps:
Select Generate Self Signed Certificate & click next
Populate the Certifcate Subject field with the appropriate DN information of the ACS server.
Change the key length to 1024 or above.
Check "Management Interface: Used to authenticate the web server (GUI).
Check "Replace Certificate".
Click Finish.
The ACS server should then generate the new certifcate, replace the existing management certificate, and restart the ACS processes. After everything is back up, you shouldn't have any issues in accessing the web interface.
Cheers,
DanHello Dan,
Thank you for trying to share the information you have.
Note please if you want to share information you can post a document, not a discussion.
You can convert this discussion into a document from the right pane menu.
Greetings,
Amjad
Rating useful replies is more useful than saying "Thank you" -
OCA admin web interface - can't access certificate management tab
Hi there.
This is very strange, a week a go I could issue certficate requests in the user web interface and then aprove them in the admin web interface.
Now I can issue certificate requests in the user web interface but when I try to aprove the request by accessing the certificate management tab, the web browser stays a lot of time trying to access the page and timesout with a "cannot display this page" error.
I've been looking at log files, but untill now, I couldn't find anything. Maybe I'm looking in the wrong files?
Does anyone had this problem before?
Thanks and regards,
Ricardo VilhenaWhen you access the admin page, does it ask to select the certificate you want to use?
If don't, or you don't see this (in a windows with a list) they you may try to reset OCA, this happens when the certificate is lost or have been disabled, rejected or deleted, and as you dont have anything to use, you can't see the page.
Hope this helps.
Greetings. -
Unable to access to Collaborative Views Web Interface
Hello,
When I try to access to the Collaborative Views Web Interface through the URL
http://<URL of your J2EE server>/cviews/views/init.do
I have the following error message :
ISA Framework: Internal Error
No XCM application configuration has been passed and there is no default XCM application configuration defined. Check XCM configuration
I looked at the XCM Adminitration Web Interface, but I do not know what to configure to make the Collaborative Views Web Interface available...
Any ideas ?Hi Sebastien,
you have to access the following link:
http://<host>:<port>/cviews/admin/xcm/init.do
The first thing is to crete a default configuration based on the possible templates. After that you need to define a connection the Backend - JCo connection. after that save the configuration and restart the application. try again.
In the XCM area you can get some more information on what needs to be maintained by clicking on the "i" icons next to each field.
Hope this will help you.
Cheers
Borislav
Maybe you are looking for
-
I have some loops from acid 5 which I have dragged in a folder to the loop browser. Some of them retain the folder name in the View: and some don't. I have also had some that seem to go in but I can't find them. If I try to add them again, I get a
-
Xorg-No Device Detected-ATI Radeon [solved]
I keep getting errors while trying to start the X server- EE No Deviced Detected. I'm usting a dell inspiron 600m laptop with an ATI Radeon 9000 mobility. I used the fglrx driver which loaded perfectly, it's just not working when i start X. Here is
-
This has been brought up a few times but Mozilla refuses to add this functionality or to simply explain to us why they cant. And please do not tell me to just use X-Mouse Controls because there is absolutely no reason why this can't be done or explai
-
dear all! i am looking for the way to enter a serial number on sales order. i can enter it, but only via incompletion check. there is no menu entry, or button where to enter serial numbers in VA01, VA02. does anyone know how to enter the serial numbe
-
How to delet music