mhellman Tue, 12/11/2007 - 10:26
User Badges:
  • Blue, 1500 points or more

Sounds like an issue with the default gateway. Do you have the default gateway configured and can you ping it?

cco-wallace Wed, 12/12/2007 - 22:50
User Badges:

Yes, default gateway is configured. IPS can ping other devices on other subnets.

marcabal Wed, 12/12/2007 - 23:09
User Badges:
  • Cisco Employee,

Did you setup your access list when running the "setup" command in the CLI.

Do the machines you are connecting from have their IP in the sensor's access list (or part of a subnet within the access list)?


Machines whose IP is not in the access list will not be able to connect to the sensor.


mhellman Thu, 12/13/2007 - 05:42
User Badges:
  • Blue, 1500 points or more

Interesting Marco. Based on your reply I checked and just realized that the sensors are using iptables. I thought they used to use just tcpwrappers? Did that change with version 6 or has it been like that a long time and I just never noticed?


In any event, iptables (marco's explanation) is a much more plausible explanation if you can ping other subnets but they can't ping you.

marcabal Thu, 12/13/2007 - 07:17
User Badges:
  • Cisco Employee,

I can't remember for sure when the change went. I think it was changed back in 5.0, but I am not positive.

Actions

This Discussion