CSPM is unable to talk to the IDS
I have the following configuration on the IDS
Sensor:
IP address: 204.142.253.99
Subnet mask: 255.255.255.0
Default gateway: 204.142.253.254
Host name: IDS
Host ID: 99
Host port: 45000
Agency name: ECC
Organization ID: 100
-MORE-
Director:
IP address: 204.142.253.98
Host name: CSPM
Host ID: 98
Host port: 45000
Pace heart rate interval (seconds): 5
Agency name: ECC
Organization ID: 100
A direct JOINT Telnet access: enabled
Entries in the current list:
[1] 204.142.253.98
[2] 204.142.253.55
[3] 204.142.253.55 0.0.0.0
but I'm not able to telnet or ping 204.142.253.99 (IDS) of 204.142.253.98 (CSPM) or 204.142.253.55
I'm not sure of the following:
1. how to assign the host id?
2. how to assign mask with IP addresses allowed to access IDS via telnet
If you cannot ping the ID then it is usually because him vlan command and control was did not in place yet.
(1) determine what vlan is used for the 204.142.253.0 network.
(2) make sure that CSPM is connected to the switch through a port in the same vlan (either directly or through a hub or to another switch).
(3) assign the port command and control of the METHOD to this vlan (this is the part that many people forget): value vlan vlan # mod #/ 2 example: define the vlan 100 5/2
(4) verify that CSPM can ping both the default gateway 204.142.253.254 and the METHOD.
(5) check that JOINT can ping CSPM both default Gatewate.
With regard to your questions:
Using the last octet of the ip address is generalist, expecially when all the machines are on the same network. If you deal with IDS sensors on several networks, you will need to come with your own convention. NOTE: The identifier of host in CSPM has been assigned during the installation of the CSPM. You must make sure that ID host used when installing CSPM is the same as the one you entries to CSPM for guests to be installed on the sensor.
Masking used in the access list works exactly the opposite of a normal netmask. For example, with a class C, the network mask normal would be 255.255.255.0, but in the access list you must represent as 0.0.0.255. You say the sensor the bits are variables rather than what the bits are for the network.
To allow your 204.142.243.0 any network you would use the 0.0.0.255 mask.
Tags: Cisco Security
Similar Questions
-
I'm develpoing apps using the SAPI, TAPI, however, I'm stuck with a fundamental question... when I dial a number, I can hear the ringtone on the speakers of the laptop... and I can hear the person on the other side as well... but he can't hear me... and as soon as the others left up to the 'Phone dialer' pcks pops up a window with two buttons... 'Talk' and 'Hang up', when I press the talk button, the line is automatically disconnected. Pleas help to solve this problem...
Hi abhi.jeet,
Thank you for visiting the website of Microsoft Windows Vista Community.
The question you have posted is related to application development and would be better suited to the MSDN Community. Please visit the link below to find a community that will provide the support you want.
http://msdn.Microsoft.com/en-us/default.aspx
Hope this information is useful.
Jeremy K
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think. -
error message says unable to connect to the "pop3 e-mail server?
I have just changed to broadband, fixed and mobile telephony businesses talktalk and can't access my old outlook express mail or enter a new e-mail account of talk talk! What can I do because they don't come back to me? I get the error unable to connect to the server of incoming POP3 mail. I don't understand the jargon!
If my ISP did not help with technical support, I would drop them in a blink of an eye.
Configure TalkTalt and Outlook Express
http://help.TalkTalk.co.UK/app/answers/detail/A_ID/1462Setting up email in Outlook Express servers:
http://www.Microsoft.com/Windows/IE/community/columns/mailserver.mspx -
Access denied to the IDS MC after update 4.1.2 - s58
Friday 7, I did the upgrade of four of our device IDS sensors. No problem. Later, I did the upgrade on the MC of the IDS and the next logon, I did ' t access more IDS MC and security monitor:
"You are not allowed to ask the Action associated screenID: ' / s510"' or ' you are not allowed to ask the Action associated screenID: ' / s550 "' according to the screen I want to access." "" "
Now it seems to be a problem with authentication via ACS (GANYMEDE +) in combination with fallback to local CS Authentication. However disabling fallback or ACS does not solve the problem. Before this upgrade, we have this problem (of course).
We are talking to our supplier and an action has already been committed, but after a week, we do not have a solution yet.
It's really urgent, because we have more access to our events.
MC ID is always generating reports and send emails to us. It's a pure access problem, I think.
Is rather peculiar, that we cannot change also the AAA server in the administration of virtual machines (IDS MC). He always wants to check with a GANYMEDE server + even though we have configured local authentication CS in CS security settings.
Best regards
Johan Derycke.
Johan,
If you've not done so alreacy, go to
VMS > Administration > Configuration > AAA Server Resync and make sure that it is set on Cisco local works.
Thank you
Chad
-
A solution to the "unable to connect to the NFS server" that I can't understand
(This question is related to the interaction between ESXi and FreeNAS and talk a lot here, but the solution was finally on FreeNAS configuration change, so I hope it's ok that I post in this forum. It relates to the use of FreeNAS of ESXi).
I have a FreeNAS system set up specifically for the copy of the virtual machines of my ESXi server as a backup mechanism. I tried to mount a NFS of FreeNAS disk and ran in a (what appears to be, from discussions on the forum, a common place) problem. ESXi, during an attempt fix the part gave me the "unable to connect to the NFS server" message. The search in the log files, I could see some more detail, but nothing that pointed to a solution. I also searched the logs on the FreeNAS system, nothing helps.
I was using the IP address of the FreeNAS (static address) system instead of the DNS name when you are trying to reach the storage.
After hours of trying different methods, creation of username on FreeNAS trying up to ESXi, scouring through all the various points of ESXi config, etc. I am getting nowhere. Then I came across a post somewhere (not here on the forums, but in a blog somewhere) that said add the ESXi server to the hosts on the FreeNAS system file.
Once we added - bingo-test. ESXi logged in straight away and I am running.
Now, I am trying to determine why the addition of ESXi machine to the FreeNAS hosts file would allow ESXi to connect. Anyone have any ideas? The IP address of the ESXi system was already in the allowable range set up in the UI on FreeNAS.
Thanks in advance.
Mounting NFS export list process requires the resolution of the customer's name. When a customer initiates the request for an NFS share, server checks its list of export for the requested directory and the name of the customer in this access list for this particular action. Now if the server fails to resolve the name of the initiator denies his request for the mounting of this share. In order to overcome this problem, you must have a dns server in the network, or do you have enter you the names and information of IP address to the server hosts file
Naeem Holy
-
I have download ESXi 3.5 VMware site, write on CD, but unable to boot from the CD, why? ESXi installation does not occur.
Please help on this issue.
Since there is no integration PAM for ESXi, you cannot authenticate to ESXi itself using active directory. -What are you talking about? You can always have virtual machine with windows and active directory.
-KjB
VMware vExpert
-
ORA-17629: unable to connect to the remote database server
Hello
I have put Dataguard in place with primary and 1 physical standby for learning/test database:
I do NOT plan the unloading of RMAN backups on the physics of the day before.
Recorded the primary database with RMAN and when "resync catalog db_unique_name all;" is issued.
I get the following error:
---------------------------------------------------------------------------------------------------------------------
RMAN > catalog resync db_unique_name all;
from full resynchronization of the recovery catalog
full complete Resync
resynchronization of data base with DB_UNIQUE_NAME ASTTESTB
RMAN-00571: ===========================================================
RMAN-00569: = ERROR MESSAGE STACK FOLLOWS =.
RMAN-00571: ===========================================================
RMAN-03002: failed to db_unique_name resynchronization command at 28/09/2011 11:34:23
ORA-17629: unable to connect to the remote database server
ORA-17628: Oracle 17629 error returned by remote Oracle Server
------------------------------------------------------------------------------------------------------------------
Configuration of RMAN for the main proceedings are the following:
RMAN > show all to db_unique_name asttest;
RMAN settings for database with db_unique_name ASTTEST are:
CONFIGURE RETENTION POLICY TO RECOVERY OF 7-DAY WINDOW;
CONFIGURE BACKUP OPTIMIZATION # by default
SET UP DEFAULT DISK DEVICE TYPE; # by default
CONFIGURE CONTROLFILE AUTOBACKUP # by default
CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO "%F" # by default
SET UP THE DEVICE TYPE DISK PARALLELISM 1 BACKUP BACKUPSET TYPE; # by default
CONFIGURE BACKUP OF DATA TO DISK FILE TYPE DEVICE TO 1; # by default
CONFIGURE BACKUP ARCHIVELOG FOR DEVICE TYPE DISK TO 1; # by default
CONFIGURE MAXSETSIZE TO UNLIMITED; # by default
CONFIGURE ENCRYPTION OF DATABASE # by default
CONFIGURE THE ENCRYPTION ALGORITHM "AES128"; # by default
CONFIGURE COMPRESSION ALGORITHM 'BASIC' AND 'DEFAULT' LIBERATION OPTIMIZE FOR TRUE LOAD; # by default
CONFIGURE DB Nom_unique "asttest" CONNECT IDENTIFIER ' ASTTEST. UMDNJ. EDU'; _
CONFIGURE DB "Asttestb" of nom_unique CONNECT IDENTIFIER "asttestb"; _
CONFIGURE ARCHIVELOG DELETION POLICY TO APPLIED ON ALL STANDBY;
CONFIGURE SNAPSHOT CONTROLFILE NAME TO ' / opt/oracle/product/11.2.0/dbhome_1/dbs/snapcf_asttest.f'; # by default
Configuration of RMAN for instance physical standby are:
RMAN > show all to db_unique_name asttestb;
RMAN settings for database with db_unique_name ASTTESTB are:
CONFIGURE RETENTION POLICY TO RECOVERY OF 7-DAY WINDOW;
CONFIGURE BACKUP OPTIMIZATION # by default
SET UP DEFAULT DISK DEVICE TYPE; # by default
CONFIGURE CONTROLFILE AUTOBACKUP ON;
CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO "%F" # by default
SET UP THE DEVICE TYPE DISK PARALLELISM 1 BACKUP BACKUPSET TYPE; # by default
CONFIGURE BACKUP OF DATA TO DISK FILE TYPE DEVICE TO 1; # by default
CONFIGURE BACKUP ARCHIVELOG FOR DEVICE TYPE DISK TO 1; # by default
CONFIGURE MAXSETSIZE TO UNLIMITED; # by default
CONFIGURE ENCRYPTION OF DATABASE # by default
CONFIGURE THE ENCRYPTION ALGORITHM "AES128"; # by default
CONFIGURE COMPRESSION ALGORITHM 'BASIC' AND 'DEFAULT' LIBERATION OPTIMIZE FOR TRUE LOAD; # by default
CONFIGURE DB Nom_unique "asttest" CONNECT IDENTIFIER ' ASTTEST. UMDNJ. EDU'; _
CONFIGURE DB "Asttestb" of nom_unique CONNECT IDENTIFIER "asttestb"; _
CONFIGURE ARCHIVELOG DELETION POLICY TO APPLIED ON ALL STANDBY;
CONFIGURE SNAPSHOT CONTROLFILE NAME TO ' / opt/oracle/product/11.2.0/dbhome_1/dbs/snapcf_asttest.f'; # by default
----------------------------------------------------------------------------------------------------------------------
When I tested missing missing datafile and control file scenario on the primary database, it worked (Advisor to recover data)
However, missing datafile scenario does not work on the physics of the day before.
Here are the steps I followed:
********************************************
1 renamed a file of physical data - in standby mode:
bash - $3.2 ls - ltr
Total 107832
-rw - r - 1 oracle oinstall 52429312 16 September 12:19 asttest_redo03.log
-rw - r - 1 oracle oinstall 61874176 Sep 29 15:41 asttest_temp01.dbf
-rw - r - 1 oracle oinstall 52436992 5 Oct 11:00 rmandg_data01.dbf
bash - $3.2 mv rmandg_data01.dbf rmandg_data01.dbf_old
bash - $3.2 ls - ltr
Total 107832
-rw - r - 1 oracle oinstall 52429312 16 September 12:19 asttest_redo03.log
-rw - r - 1 oracle oinstall 61874176 Sep 29 15:41 asttest_temp01.dbf
-rw - r - 1 oracle oinstall 52436992 5 Oct 11:00 rmandg_data01.dbf_old
2. restore the datafile (find the data file # view v$ recover_file):
RMAN > restore datafile 5;
From restoration to 5 October 11
Segmentation fault
3. in spite of the error, published "recover datafile command.
4 RMAN > recover datafile 5;
From pick up to 5 October 11
allocated channel: ORA_DISK_1
channel ORA_DISK_1: SID = 10 type of device = DISK
RMAN-00571: ===========================================================
RMAN-00569: = ERROR MESSAGE STACK FOLLOWS =.
RMAN-00571: ===========================================================
RMAN-03002: failure of the command recover at 05/10/2011 12:00:40
RMAN-06094: datafile 5 must be restored.
5. manually copy the physical primary datafile - in standby mode, & then problem recover RMAN command:
bash - $3.2 scp oracle@msudrainier:/ora03/oradata/asttest/rmandg_data01.dbf.
rmandg_data01.dbf 100% 50 MB 16.7 MB/s 00:03
bash - $3.2 ls - ltr
Total 159096
-rw - r - 1 oracle oinstall 52429312 16 September 12:19 asttest_redo03.log
-rw - r - 1 oracle oinstall 61874176 Sep 29 15:41 asttest_temp01.dbf
-rw - r - 1 oracle oinstall 52436992 5 Oct 11:49 rmandg_data01.dbf_old
-rw - r - 1 oracle oinstall 52436992 5 Oct 12:01 rmandg_data01.dbf
RMAN > recover datafile 5;
From pick up to 5 October 11
using channel ORA_DISK_1
RMAN-00571: ===========================================================
RMAN-00569: = ERROR MESSAGE STACK FOLLOWS =.
RMAN-00571: ===========================================================
RMAN-03002: failure of the command recover at 05/10/2011 12:01:59
RMAN-06067: RECOVER the DATABASE required with a backup control file or created
6. of course RMAN commands have failed to restore the missing data file;
So I renamed the file to original and rebooted repeat services applies - this restore the data file and now the configuration state of the DG is normal.
*********************************************************************************
Not quite sure if I'm still he hands the right way or if the error above is related to RMAN not able to synchronize with the physics of the day before.
The documentation I want to talk to is here (1 paragraph):
[http://download.oracle.com/docs/cd/B28359_01/server.111/b28294/rman.htm#BAJDFBDD | http://download.oracle.com/docs/cd/B28359_01/server.111/b28294/rman.htm#BAJDFBDD]
Any pointers/direction and advise is greatly appreciated.
Best regards
NKI got it!
/home/oracle:STANDBY >$ORACLE_HOME/bin/rman target sys/
catalog / @rcatalog Recovery Manager: Release 11.2.0.1.0 - Production on Fri Oct 7 14:12:10 2011 Copyright (c) 1982, 2009, Oracle and/or its affiliates. All rights reserved. connected to target database: PRIMARY (DBID=1562898590, not open) connected to recovery catalog database RMAN> resync catalog from db_unique_name all; resyncing from database with DB_UNIQUE_NAME PRIMARY starting full resync of recovery catalog RMAN output not resynced for database with DB_UNIQUE_NAME PRIMARY full resync complete If the necessary connection string a target/sys and a catalogue
RMAN target sys /
catalog / @rcatalog I did my standby
Will try the primary
Best regards
mseberg
Work on both. Great question!
connected to target database: PRIMARY (DBID=1562898590) connected to recovery catalog database RMAN> resync catalog from db_unique_name all; starting full resync of recovery catalog full resync complete resyncing from database with DB_UNIQUE_NAME STANDBY RMAN output not resynced for database with DB_UNIQUE_NAME STANDBY RMAN>
Published by: mseberg on October 7, 2011 14:16
Thanks a ton for sticking to it. I'll add this little thing to my web site.
Published by: mseberg on October 7, 2011 14:22
-
I could not update or install applications for weeks, so I disconnected my Apple ID and rebooted the phone but now I can't reconnect! The error is: unable to connect to the iTunes Store. I should w8 for ios10 and hope that it will be fixed by the new ios? Cause don't want to reset my phone.
You have tried: If you can not connect to the iTunes Store - Apple Support ?
And I tried to do a soft-reset/reboot the phone?
-
Talk to the text sent by 'null '.
When I try and talk to the text of my husband, it continues to send "null" while Siri said she looks and she is sending. It works with my two other friends who have iPhones. Suggestions? I already turned my phone market.
I guess "speak text" means:
- You use Siri to send a message.
- You send it to an iPhone.
- The message is sent using iMessage (which may or may not be true, even if your husband has an iPhone).
- The message is not part of a thread existing, but is actually starting a new message thread.
So presumably, you call Siri to send a message to your husband's iPhone and dictate the content of the message to Siri.
Assuming that it actually sent via iMessage (blue bubble), check the settings > Messages > Send and receive > start new Conversations on and see it is set correctly.
-
Unable to connect to the App Store and auto delete app
Hi, I never update my ipad because I never, and I do not have the space for it anyway. Now and then I get the message saying ipad needs space for the update, press ok to allow deletion, or something in that sense. Theres two options cancel or ok. Today I accidentally pressed ok. He deleted my largest app and now I am having problems with the App Store. I can open it and see the recommended page. I think I can upload them as well, but when I use the search bar, it says unable to connect to the App Store. I don't know what to do and how to cancel.
First of all, make sure that you don't have enough free space before trying to re-download the application. Once you know that you have enough space, try these two ways to get to the app.
Click on the tab purchased on the App Store and see if the application appears in a search here or just trying to slide through until you see the app and then download it from there.
If this does not work, do a Google search for the app. It should appear in the search. Tap on the app in the Google search and who should open the description window app on the App Store with the download next to the app icon.
-
MacBook air crashes, I'm unable to open all the applications but Safari.
MacBook air crashes, I'm unable to open all the applications but Safari. I can still access the app store to download some antivirus software. I downloaded AVG hoping it might cure the problem, unfortunately it made it worse. I got this macbook for about 3 years and I have not had problems. I recently opened safari on another user and he came with a message saying that you have now received a virus. I don't know what to do, or how I can fix this problem. The office is constantly freezing as well, I'm out of options!
Determine if you can start up your Mac in 'safe' Mode. Read how here: OS X El Capitan: safe mode. If you find that the document confusing or difficult to follow, please write back for instructions.
After you have determined how your Mac works in 'Safe' Mode, restart normally.
Regarding your other concerns:
I recently opened safari on another user and he came with a message saying that you have now received a virus.
These messages are false. It is a very common scam. Read about it here: Phony 'technical support' / 'ransomware' popups and web pages
I downloaded AVG hoping it might cure the problem, unfortunately it made it worse.
It is to be expected. Don't waste your time with things. "AVG" can be particularly difficult to uninstall, a fact that I learned to evaluate myself. The problem is that its uninstall instructions do not work. I got by deletion of the Mac and restore its contents from a Time Machine backup. You have a backup?
-
Unable to connect using the current password
Using the current password which only had 6 characters - have now changed to 8 hope if this helps solve the problem.
Have you noticed too there was an update of Mozilla on my laptop the day before that this problem then this could be the reason?Unable to connect using the current password
It is far from a complete problem description.
Please explain in detail- what you were doing
- That's happened
Using the current password which only had 6 characters
6 characters is a very weak password. Consider using a password manager to generate longer and more complex passwords and to remember these passwords.
-
Unable to connect to the internet update version
I've updated to the latest version 35, but since then, the browser seems unable to connect to the internet. I thought it was my firewall that was blocking the program. I did what was suggested to work around this problem, that is, to remove my firewall and then add it again. But it does not solve the problem. There is nothing wrong with my internet, how am I be able to connect to internet by using IE or Chrome. And I was able to connect to the internet in the previous version of Firefox. Unfortunately, the new updated version is not allow me to. Have no solution?
It is possible that your security (firewall, antivirus) software blocks or limit Firefox or the process of plugin-container without you inform, possibly after the detection of changes (update) for the Firefox program.
Delete all rules for Firefox and the plugin-container in the permissions list in the firewall and leave your firewall again ask permission to get full unlimited access to the internet for Firefox and the plugin-container and the update process.
See:
-
My ZTE open C unable to connect to the wlan with 63-signs-hex key.
Hello
my C open from ZTE unable to connect to the wlan with WPA2-PSK and a 63 sign hex key. When I create a 2. ESSID with WPA2-PSK a sentence normal, everything's fine.
Oliver
Hi OliverwithZTE,
I understand that you have connection problems to your network WPA2-PSK.
Unfortunately, WPA2-PSK is currently not supported on Firefox OS version 1.3. Only WPA-TKIP and WPA2-AES are supported.
-Ralph
-
I don't know if they are technically pop-up windows (for example, if you perform a search on kayak.com, it will automatically open a new window of priceline.com with the search results), but that happens with Blocker on or off. Other examples are a little info to a financial site window or .edu, which opens a session is about to expire, or answer a FAQ (with the exception of the priceline example, these windows have an address bar or view a URL). In any case, once these windows are closed, if I try to open a new window, it will automatically load the content of this "pop-up". Whenever he does, I'm unable to type in the address bar or open a new tab in this window.
How can I fix it? What I want is to open a new window which is empty, not load the previous contents.
No, I just realized that I was holding Command-Shift-N rather than command-N
Maybe you are looking for
-
command of the keyboard to move does not work
The command of period and comma for FCPX on my iMac won't work. FCPX just beeps at me instead to shift the video before a picture or backward a frame. (for a comma) He works for the arrow, but for some reason some will not work with the key to the pe
-
update of Windows sometimes stop working
update of Windows sometimes stop working
-
Security updates Microsoft for Office 2003 fails with the error 80070643
The computer is running Windows Vista Business SP1 with three viewers for Microsoft Office 2003 (Word, Excel, and PowerPoint) up and running. The computer is not running Office 2003. Instead, OpenOffice 3.1 is installed. The following three Microsoft
-
SyncToy 2.1 suddenly don't synchronize my EFS encrypted files
I have just upgraded to Windows 7 Ultimate (64 bit) on my laptop and desktop. Until recently, I used Synctoy 2.0 on my laptop to synchronize the files with my office. On my laptop, the files are encrypted using EFS in Windows; While my desktop files
-
Help, I have a problem with the PS and CC - I get and error measure in PS - "this program cannot start because ONCoreFoundation8.dll - is missing... and it crashes, and now creative cloud will not be open to all." I spent more than 2 hours to speak