Solved

Unable to login to the web interface of CSC SSM-10 Secuirity Module on my ASA 5510

Posted on 2013-05-24
8
1,183 Views
Last Modified: 2013-11-29
I have a Cisco ASA 5510 with the ASA-SSM-CSC-10-K9 Security Services Module. I can successfully logon to the ASA from both the CLI and the ASDM. I can successfully logon to the CSC SSM-10 using the CLI interface & the ASDM.

I CANNOT logon to the CSC SSM-10 web management interface. I see the logon page with no problems however when I enter my CSC SSM-10 password (which works fine from the CLI and the ASDM) it simply returns to the logon page as if I have entered an incorrect password. My understanding is that the CSC SSM-10 password should be the same whether I'm using the CLI, ASDM or web management interface. My subscription has expired however I should still be able to use the device with the knowledge that signatures will not be updated.

As a side note the CSC SSM-10 module is displaying some odd behavior. When I change a value in the CSC SSM-10 module using the CLI OR the ASDM I can successfully enter new values but then when I refresh the interface the old values are still there. This is the output that I am seeing:

cp: unable to remove `/etc/network.conf': Read-only file system                
cp: unable to remove `/etc/network.conf': Read-only file system                
cp: unable to remove `/etc/network.conf': Read-only file system                
/opt/trend/isvw/bin/setup.bin: line 1307: /etc/resolv.conf: Read-only file system                                                                              
/opt/trend/isvw/bin/setup.bin: line 1308: /etc/resolv.conf: Read-only file system                                                                              
/opt/trend/isvw/bin/setup.bin: line 1275: /etc/hosts: Read-only file system    
/opt/trend/isvw/bin/setup.bin: line 1276: /etc/hosts: Read-only file system    
/opt/trend/isvw/bin/setup.bin: line 1277: /etc/hostname: Read-only file system  
keytool error: java.lang.Exception: Key pair not generated, alias <tomcat> already exists                                                                      
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system                                                                              
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system                                                                              
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system                                                                              
cp: unable to remove `/opt/trend/isvw/config/web/intscan.ini': Read-only file system                                                                            
cp: unable to remove `/opt/trend/isvw/config/web/intscan.ini': Read-only file system                                                                            
cp: unable to remove `/opt/trend/isvw/config/web/intscan.ini': Read-only file system                                                                            
cp: unable to remove `/opt/trend/isvw/config/web/urlf.ini': Read-only file system                                                                              
cp: unable to remove `/opt/trend/isvw/config/web/urlf.ini': Read-only file system                                                                              
cp: unable to remove `/opt/trend/isvw/config/web/urlf.ini': Read-only file system                                                                              
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system                                                                              
cp: unable to remove `/opt/trend/isvw/config/web/intscan.ini': Read-only file system                                                                            
cp: unable to remove `/opt/trend/isvw/config/web/urlf.ini': Read-only file system                                                                              
cp: unable to remove `/opt/trend/isvw/config/web/urlf.ini': Read-only file system                                                                              
chmod: /opt/trend/isvw/config/mail/imss.ini: Read-only file system              
chown: /opt/trend/isvw/config/mail/imss.ini: Read-only file system              
Applying network settings ...
0
Comment
Question by:RobFarley
  • 4
  • 4
8 Comments
 
LVL 61

Expert Comment

by:btan
ID: 39196538
Pls see this

http://www.cisco.com/en/US/docs/security/csc/csc63/administration/guide/csc8.html#wp1046652

Cannot Log On

You specified an administrator password when you installed Trend Micro InterScan for Cisco CSC SSM with the Setup Wizard. You must use the password you created during installation to log in, which is not the same password that you use to access ASDM. Passwords are case-sensitive; be sure you have entered the characters correctly.

Another is to first use the show module, show module 1, and show module 1 details commands to verify that the CSC SSM has been activated successfully.

http://www.cisco.com/en/US/docs/security/csc/csc63/administration/guide/csc8.html#wp1091896

Enter the following command to view the status of the SSM card:
hostname(config)# show module 1
Enter the following command to view the state for each individual process:
hostname(config)# show module 1 details
0
 

Author Comment

by:RobFarley
ID: 39196558
Please read my post carefully. There are 3 methods with which you can access the SSM-10. Through Telnet (CLI), the ASDM or the web management interface. I CAN log on to the SSM-10 using 2 of them (CLI and the ASSM). I cannot log on using the web interface. No where in the documentation do I read anything that would suggest that the web management interface has a different login than the CLI OR ASDM.
0
 
LVL 61

Expert Comment

by:btan
ID: 39196594
noted - maybe useful if fiddler web proxy is set up to see if the http req / resp packet capture as you try to login from the browser. quick try is using different browser (FF, IE, Chrome) too. also another suspicions is the SSL transaction and server certificate for the login (https) page
0
 

Author Comment

by:RobFarley
ID: 39196604
Thanks for your prompt reply. I have previously tried all of your suggestions  with no success. Why, after making simple changes to the configuration are they not being saved? Please remember that the only way I can make changes is by successfully being logged on to the SSM-10 (through the CLI)
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 61

Expert Comment

by:btan
ID: 39197356
thanks for sharing. Looks like the log is most alluding to Trend Micro repository ...

 I was drilling to find more CSC SSM relevant info as below and it may render the need to escalate to Cisco TAC since you cover most ground fact findings. There is a diagram (fig 64-2)  in the link below of recommended dedicated mgmt lan

http://www.cisco.com/en/US/docs/security/asa/asa84/asdm64/configuration_guide/modules_csc.html

Likewise on the section on "connecting to CSC SSM" which you may already know
http://www.cisco.com/en/US/docs/security/asa/asa84/asdm64/configuration_guide/modules_csc.html#wp1118815

The CSC SSM has a password that is maintained separately from the ASDM password. You can configure the two passwords to be identical, but changing the CSC SSM password does not affect the ASDM password.

I was thinking of resetting port access (though I know you can access CSC SSM via ADSM) which you may also have done too...
http://www.cisco.com/en/US/docs/security/csc/csc63/administration/guide/cscappb.html#wp1069518
0
 

Accepted Solution

by:
RobFarley earned 0 total points
ID: 39208758
Your research into this issue seems very thorough. Unfortunately I have tried all of the recommended solutions listed above to no avail. At this point in time I am thinking that I have a hardware failure of some type.

Thanks for your help
0
 
LVL 61

Expert Comment

by:btan
ID: 39209675
Glad to have help as much - probably the best is activate the support side where they can can collect dump to further analysis.
0
 

Author Closing Comment

by:RobFarley
ID: 39218406
I believe that the solutions offered were thorough and well thought out however it appears that my problem will likely be a hardware issue.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now