06-09-2008 10:55 AM - edited 03-10-2019 04:08 AM
I am having trouble with connectivity and the IPS Module. The IPS management interface is plugged into a dell powerconnect switch using a straight cable and it shows a link. However I cannot ping the ip address i have assigned the management interface. Its almost like the interface is shutdown. Could this be the case? Can the management interfacee shutdown? If so how do I bring it up? If not what would be some troubleshooting techniques with the IPS Module?
06-09-2008 11:56 AM
First of all issue the command:
"show module 1 details"
To check if your module is in UP state.
If it is not UP, have a look at:
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00808908d5.shtml
Also check if the port is UP/UP on the switch.
Please also note that in order for the IPS IP to be pingable. the SOURCE pinging should be Permitted in the access-list of the IPS (which can be done using the 'setup' command or under service host). A better approach would be to ping the machine from the IPS itself, as this is not dependent on the Access List on the IPS.
Regards
Farrukh
06-09-2008 12:19 PM
I issued the show module 1 details command and everything shows up. I looked at the switch and everything is in the up state. I have tried pinging from the IPS to nodes on the same leg but nothing is going through. Im looking through the link you provided now and hope to find something. Any ther suggestions?
06-09-2008 12:59 PM
Check the 'show interface' command on the IPS (I hope it is available on the AIP-SSM).
Check the machine you are pinging, if it has an ARP entry for the IPS module's Management IP, 'arp -a' if its Windows.
Try changing the switch port (Or get a Cisco Switch :) )
Perhaps you can try to re-initialize the AIP-SSM using the 'setup' command.
Also if possible post the 'show interface' and 'show config' output of the module on the forum.
Regards
Farrukh
06-09-2008 11:28 PM
Hi,
If u r not able to ping the IPS from ur machine , then u directly connect ur machine to the IPS command&control interface. Then U should ping and after that U can access the IPS , but JAVA must be installed on ur machine to access the IPS.Also u must see the IPS config -- Mainly acess-list on the IPS. U can see as folows--
ASA#session 1
enter pass --
IPS#sh config
And from here u can see the access-list entries.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide