This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.

You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

No Cisco IPS device template?

chris.schear over 11 years ago

Can NCM 8.3.177 manage Cisco IPS modules within ASAs? I'm finding it difficult to believe there isn't a built-in template for Cisco IPS. NCM cannot download the configurations from the sensors.

Please advise.

Top Replies

jp over 11 years ago +1 verified

Here you go : ) http://thwack.solarwinds.com/docs/DOC-169152?uploadSuccess=true

0 rjnicholson over 11 years ago

I manage Cisco IPS modules that are stand alone and inside our ASA with NCM Version 7.0.1. I had no clue they were up to NCM 8.x could have swore we were still in the 7.x releases.
I would check your IPS versions and if they are the latest make sure they are tied to your Raidus/ACS server. They only support Radius and it was only implemented after sensor version 7.0.8 I believe, so you may have to upgrade to get Radius support. If you don't have this done then you have to use a flat account to log into them.
Give me a minute and I will tell you what template I use. I'm pretty sure I just use the Default IOS template, but I will double check and reply with that info as well.
Cancel
Vote Up 0 Vote Down

Cancel
0 rjnicholson over 11 years ago in reply to rjnicholson

I just checked and we are using the Auto Determine setting for template use when logging into the IPS module and backing up the config. As I was stating above the only issue I ever had was figuring out the Radius options for these devices had to upgrade the code first since they didn't support Radius at first.. They are also a Linux kernel so it makes it a bit weird. Even more so that they only use Radius and not a form of TACACS+ being a Cisco device.
Cancel
Vote Up 0 Vote Down

Cancel
0 chris.schear over 11 years ago in reply to rjnicholson

I'm also using Auto Determine, but I cannot download configs.
Session trace:
-----------------------------
[11/13/2012 2:40:57 PM] -----------------NCM 7.0.1 -------------------
[11/13/2012 2:40:57 PM] UseCustomMorePromptBehaviour: False
[11/13/2012 2:40:57 PM] Login Attempts: 1
[11/13/2012 2:40:57 PM] Custom UserName Prompt:
[11/13/2012 2:40:57 PM] Device Template: Cisco IOS-1.3.6.1.4.1.9.ConfigMgmt-Commands
[11/13/2012 2:40:57 PM] System Name: ASA-5540-WKS-IPS02
[11/13/2012 2:40:57 PM] System Description: Linux ASA-5540-WKS-IPS02 2.6.29.1 #42 SMP Mon Aug 27 14:02:55 CDT 2012 i686
[11/13/2012 2:40:57 PM] System OID: 1.3.6.1.4.1.9.1.944
[11/13/2012 2:40:57 PM] OS Image:
[11/13/2012 2:40:57 PM] OS Version:
[11/13/2012 2:40:57 PM] Menu-Based mode=False
[11/13/2012 2:40:57 PM] FreezeLoginForPreCommands mode= False
[11/13/2012 2:40:57 PM]
-->StateChange: Connecting to server<--
[11/13/2012 2:40:57 PM] Got HostFingerPrint: dc:48:e3:fb:8d:97:de:be:c6:7e:ae:a1:74:e7:e1:3f
[11/13/2012 2:40:57 PM] SWTelnet9 Crypto Information Begin
[11/13/2012 2:40:57 PM] Protocol = SSH2
[11/13/2012 2:40:57 PM] RemoteName = SSH-1.99-OpenSSH_5.1
[11/13/2012 2:40:57 PM] SCcipher = aes128-cbc
[11/13/2012 2:40:57 PM] CSCipher = aes128-cbc
[11/13/2012 2:40:57 PM] Keys = ssh-dss
[11/13/2012 2:40:57 PM] SWTelnet9 Crypto Information End
[11/13/2012 2:40:57 PM] Banner received
[11/13/2012 2:40:57 PM] Got Login Challenge: Password:
[11/13/2012 2:40:57 PM]
-->StateChange: Connected to server - idle<--
[11/13/2012 2:40:57 PM] Solarwinds.Net SWTelnet9 Version 9.0.27
[11/13/2012 2:40:57 PM] Connected!
[11/13/2012 2:40:57 PM] --->
[11/13/2012 2:40:57 PM] ProcessLogin State: 0
[11/13/2012 2:40:57 PM] --> Last login: Tue Nov 13 14:38:26 2012 from <asdf>
[11/13/2012 2:40:57 PM] -->
[11/13/2012 2:40:57 PM] --> ***NOTICE***
[11/13/2012 2:40:57 PM] --> This product contains cryptographic features and is subject to United States
[11/13/2012 2:40:57 PM] --> and local country laws governing import, export, transfer and use. Delivery
[11/13/2012 2:40:57 PM] --> of Cisco cryptographic products does not imply third-party authority to import,
[11/13/2012 2:40:57 PM] --> export, distribute or use encryption. Importers, exporters, distributors and
[11/13/2012 2:40:57 PM] --> users are responsible for compliance with U.S. and local country laws. By using
[11/13/2012 2:40:57 PM] --> this product you agree to comply with applicable laws and regulations. If you
[11/13/2012 2:40:57 PM] --> are unable to comply with U.S. and local laws, return this product immediately.
[11/13/2012 2:40:57 PM] -->
[11/13/2012 2:40:57 PM] --> A summary of U.S. laws governing Cisco cryptographic products may be found at:
[11/13/2012 2:40:57 PM] --> http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
[11/13/2012 2:40:57 PM] -->
[11/13/2012 2:40:57 PM] --> If you require further assistance please contact us by sending email to
[11/13/2012 2:40:57 PM] --> export@cisco.com.
[11/13/2012 2:40:57 PM] -->
[11/13/2012 2:40:57 PM] ProcessLogin State: 0
[11/13/2012 2:40:57 PM] -->
[11/13/2012 2:40:57 PM] --> ASA-5540-WKS-IPS02#
[11/13/2012 2:40:57 PM] ProcessLogin State: 0
[11/13/2012 2:40:59 PM] TimerTick: mstrData=<ASA-5540-WKS-IPS02# > State=3 - Connected to server - idle
[11/13/2012 2:40:59 PM] Pending Disconnect = False
[11/13/2012 2:40:59 PM] Sending to get a banner!
[11/13/2012 2:40:59 PM] <--
[11/13/2012 2:40:59 PM] -->
[11/13/2012 2:40:59 PM] -->
[11/13/2012 2:40:59 PM] --> ASA-5540-WKS-IPS02#
[11/13/2012 2:40:59 PM] ProcessLogin State: 0
[11/13/2012 2:41:01 PM] TimerTick: mstrData=<ASA-5540-WKS-IPS02# > State=3 - Connected to server - idle
[11/13/2012 2:41:01 PM] Pending Disconnect = False
[11/13/2012 2:41:01 PM] TimerTick: Send to CRLF get prompt again
[11/13/2012 2:41:01 PM] <--
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] --> ASA-5540-WKS-IPS02#
[11/13/2012 2:41:01 PM] ProcessLogin State: 0
[11/13/2012 2:41:01 PM] Custom Prompt detector detect # prompt
[11/13/2012 2:41:01 PM] no credentials needed - Command mode prompt detected
[11/13/2012 2:41:01 PM] Prompt is being set to : ASA-5540-WKS-IPS02#
[11/13/2012 2:41:01 PM] Logged into Router
[11/13/2012 2:41:01 PM] <--
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] --> ASA-5540-WKS-IPS02#
[11/13/2012 2:41:01 PM] Start check prompt for menu-based device
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <ASA-5540-WKS-IPS02# >
[11/13/2012 2:41:01 PM] Fuzzy match detector start detecting prompt. String1=asa-5540-wks-ips02# String2=asa-5540-wks-ips02#
[11/13/2012 2:41:01 PM] <-- terminal width 0
[11/13/2012 2:41:01 PM] --> terminal width 0
[11/13/2012 2:41:01 PM] -->                              ^
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] --> % Invalid input detected at '^' marker
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] --> ASA-5540-WKS-IPS02#
[11/13/2012 2:41:01 PM] Incomplete buffer with prompt is detected - save all lines to echo buffer
[11/13/2012 2:41:01 PM] Echo not detected yet. Push back data to echo buffer, EchoBuffer = <<<terminal width 0
                             ^
% Invalid input detected at '^' marker
ASA-5540-WKS-IPS02#
>>>
[11/13/2012 2:41:01 PM] Start detecting command echo in echo buffer...
[11/13/2012 2:41:01 PM] Echo is detected, EchoBuffer = <<<terminal width 0
                             ^
% Invalid input detected at '^' marker
ASA-5540-WKS-IPS02#
>>>
[11/13/2012 2:41:01 PM] Remove Prompt - detected prompt line via RegEx
[11/13/2012 2:41:01 PM] Remove Prompt - prompt line is on invalid place, Save It. value=terminal width 0
                             ^
% Invalid input detected at '^' marker
ASA-5540-WKS-IPS02#
FoundPromptLine=ASA-5540-WKS-IPS02#
[11/13/2012 2:41:01 PM] Echo and prompt are removed if they exist, out buffer = <<<^
% Invalid input detected at '^' marker
ASA-5540-WKS-IPS02#
>>>
[11/13/2012 2:41:01 PM] Start check prompt for menu-based device
[11/13/2012 2:41:01 PM] Process Line = <^>
[11/13/2012 2:41:01 PM] Fuzzy match detector start detecting prompt. String1=^ String2=asa-5540-wks-ips02#
[11/13/2012 2:41:01 PM] Save Command Output: ^
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <% Invalid input detected at '^' marker>
[11/13/2012 2:41:01 PM] Fuzzy match detector start detecting prompt. String1=%invalidinputdetectedat'^'marker String2=asa-5540-wks-ips02#
[11/13/2012 2:41:01 PM] Save Command Output: % Invalid input detected at '^' marker
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <ASA-5540-WKS-IPS02# >
[11/13/2012 2:41:01 PM] Fuzzy match detector start detecting prompt. String1=asa-5540-wks-ips02# String2=asa-5540-wks-ips02#
[11/13/2012 2:41:01 PM] <-- terminal length 0
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] --> terminal length 0
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] --> ASA-5540-WKS-IPS02#
[11/13/2012 2:41:01 PM] Incomplete buffer with prompt is detected - save all lines to echo buffer
[11/13/2012 2:41:01 PM] Echo not detected yet. Push back data to echo buffer, EchoBuffer = <<<terminal length 0
ASA-5540-WKS-IPS02#
>>>
[11/13/2012 2:41:01 PM] Start detecting command echo in echo buffer...
[11/13/2012 2:41:01 PM] Echo is detected, EchoBuffer = <<<terminal length 0
ASA-5540-WKS-IPS02#
>>>
[11/13/2012 2:41:01 PM] Remove Prompt - detected prompt line via RegEx
[11/13/2012 2:41:01 PM] Remove Prompt - prompt line is on invalid place, Save It. value=terminal length 0
ASA-5540-WKS-IPS02#
FoundPromptLine=ASA-5540-WKS-IPS02#
[11/13/2012 2:41:01 PM] Echo and prompt are removed if they exist, out buffer = <<<ASA-5540-WKS-IPS02#
>>>
[11/13/2012 2:41:01 PM] Start check prompt for menu-based device
[11/13/2012 2:41:01 PM] Process Line = <ASA-5540-WKS-IPS02# >
[11/13/2012 2:41:01 PM] Fuzzy match detector start detecting prompt. String1=asa-5540-wks-ips02# String2=asa-5540-wks-ips02#
[11/13/2012 2:41:01 PM] <-- Show running
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] --> Show running
[11/13/2012 2:41:01 PM] -->                          ^
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] --> % Invalid input detected at '^' marker
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] -->
[11/13/2012 2:41:01 PM] --> ASA-5540-WKS-IPS02#
[11/13/2012 2:41:01 PM] Incomplete buffer with prompt is detected - save all lines to echo buffer
[11/13/2012 2:41:01 PM] Echo not detected yet. Push back data to echo buffer, EchoBuffer = <<<Show running
                         ^
% Invalid input detected at '^' marker
ASA-5540-WKS-IPS02#
>>>
[11/13/2012 2:41:01 PM] Start detecting command echo in echo buffer...
[11/13/2012 2:41:01 PM] Echo is detected, EchoBuffer = <<<Show running
                         ^
% Invalid input detected at '^' marker
ASA-5540-WKS-IPS02#
>>>
[11/13/2012 2:41:01 PM] Remove Prompt - detected prompt line via RegEx
[11/13/2012 2:41:01 PM] Remove Prompt - prompt line is on invalid place, Save It. value=Show running
                         ^
% Invalid input detected at '^' marker
ASA-5540-WKS-IPS02#
FoundPromptLine=ASA-5540-WKS-IPS02#
[11/13/2012 2:41:01 PM] Echo and prompt are removed if they exist, out buffer = <<<^
% Invalid input detected at '^' marker
ASA-5540-WKS-IPS02#
>>>
[11/13/2012 2:41:01 PM] Start check prompt for menu-based device
[11/13/2012 2:41:01 PM] Process Line = <^>
[11/13/2012 2:41:01 PM] Fuzzy match detector start detecting prompt. String1=^ String2=asa-5540-wks-ips02#
[11/13/2012 2:41:01 PM] Save Command Output: ^
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <% Invalid input detected at '^' marker>
[11/13/2012 2:41:01 PM] Fuzzy match detector start detecting prompt. String1=%invalidinputdetectedat'^'marker String2=asa-5540-wks-ips02#
[11/13/2012 2:41:01 PM] Save Command Output: % Invalid input detected at '^' marker
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:01 PM] Process Line = <ASA-5540-WKS-IPS02# >
[11/13/2012 2:41:01 PM] Fuzzy match detector start detecting prompt. String1=asa-5540-wks-ips02# String2=asa-5540-wks-ips02#
[11/13/2012 2:41:01 PM] SendNextCommand Done: Disconnecting
[11/13/2012 2:41:01 PM] Process Line = <>
[11/13/2012 2:41:03 PM] TimerTick: mstrData=<> State=3 - Connected to server - idle
[11/13/2012 2:41:03 PM] Pending Disconnect = True
[11/13/2012 2:41:03 PM] Disconnected - From: <ip>
Cancel
Vote Up 0 Vote Down

Cancel
0 rjnicholson over 11 years ago in reply to chris.schear

I will have to dig more once I can get back to my work station, but the only thing that sticks out that I see differently is it looks like you are using Telnet, and I use SSH, but this shouldn't be an issue. Let me dig some more and run some test downloads to watch my logs as well.
Cancel
Vote Up 0 Vote Down

Cancel
0 chris.schear over 11 years ago in reply to rjnicholson

I'm using SSH, "SSH Auto", to be precise.
Cancel
Vote Up 0 Vote Down

Cancel
0 jp over 11 years ago

Here you go : ) http://thwack.solarwinds.com/docs/DOC-169152?uploadSuccess=true
Cancel
Vote Up +1 Vote Down

Cancel