Cisco IPS sensor Error using ASDM

flashfoods
flashfoods used Ask the Experts™
on
After configuring some of my event sensor settings I got an error and could not get back into the IPS sensor using ASDM for configuration. Its been working great for months until now. After I put in my username and password for the IPS it tries to pull information into the ASDM and then I get this error. I am no longer getting IPS information updates from the sensor. The ASDM is functional with looking at all other info other than the IPS sensor. I did a simple telnet to the IPS sensor IP: 192.168.1.6 and I can gather various types of info from it. The ASA ip is 192.168.1.5. I was thinking a late night reload of the ASA firewall might clear this up but it will cause interuption. Is there anyway to reload/reboot the IPS module/sensor only without shutting down the firewall and dropping traffic? Any other ideas? Thanks.
ips-error.jpg
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
You should be able to "session" into the IPS module from the ASA CLI and then issue the "reset" command to reload just the module.  To see if the IPS being rebooted will affect firewall traffic, look for one of the following commands in your ASA configuration:

ips inline fail-open
ips inline fail-close
ips promiscuous fail-open
ips promiscuous fail-close

If you have either of the "fail-open" commands listed, then the ASA will permit traffic when the IPS is rebooted or "fails".  If you have either of the "fail-close" commands, then the ASA will block traffic when the IPS is rebooted or "fails".

Author

Commented:
Thanks, This information was exactly what i needed.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial