From: Edward Norton (doubleccie@yahoo.com)
Date: Sun Apr 08 2007 - 11:36:24 ART
Folks ;
im trying to test how the IDS can shun the PIX , i checked the previous posts but did not find an answer
I have 4215 working as IDS , i tested it with blocking to router and it worked fine ..however when i try to do the same with PIX , it does not seem to work .
it looks to me that the IPS sensor is not able to to ssh to the pix , the IDS CC interface and the inside of the pix on the same subnet , I am able to ssh to the pix from software client normally ..and the IDS is able to retrieve the RSA key normally .
however when i enabled the debug on the PIX , the TCP session from the cc interface gets terminated ..not sure why
I am using IPS v5.1 and pix 7.2 ....any comments will be appreciated
0x00FFE27A
%PIX-6-315011: SSH session from 10.1.1.4 on interface inside for user "" disconn
ected by SSH server, reason: "TCP connection closed" (0x03)
%PIX-6-302014: Teardown TCP connection 155 for inside:10.1.1.4/32873 to NP Ident
ity Ifc:10.1.1.254/22 duration 0:00:04 bytes 263 TCP FINs
SSH0: TCP read failed, error code = 0x86300003 "TCP connection closed"
SSH0: receive SSH message: [no message ID: variable *data is NULL]
SSH0: Session disconnected by SSH server - error 0x03 "TCP connection closed"
---------------------------------
8:00? 8:25? 8:40? Find a flick in no time
with theYahoo! Search movie showtime shortcut.
This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:35 ART