AIP-SSM How to Verify Traffic is being passed for inspection?

Unanswered Question
Jun 16th, 2009

"show conf" command on my AIP SSM CLI. gigabitEthernet0/1 backplane interface of the SSM has not been assigned to virtual sensor vs0.but

Through this command show service-policy

traffic is recevied by IPS Module.why this,

Kindly guide me

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
abinjola Tue, 06/16/2009 - 04:07

show service-policy will show you packets being sent to the module, however if you have NOT assigned the backplance interface to VS0 then no action would be taken on those packets

kiani Tue, 06/16/2009 - 04:11

Thanks,i got it.

Cinet-IPS1# show statistics virtual-sensor

Virtual Sensor Statistics

Statistics for Virtual Sensor vs0

Name of current Signature-Defintion instance = sig0

Name of current Event-Action-Rules instance = rules0

List of interfaces monitored by this virtual sensor = GigabitEthernet0/1 subinterface 0

General Statistics for this Virtual Sensor

Number of seconds since a reset of the statistics = 434653

SensorApp Memory Use Percentage = 33

Processing Load Percentage = 1

Total packets processed since reset = 1722

Total IP packets processed since reset = 1722

Total IPv4 packets processed since reset = 1722

Total IPv6 packets processed since reset = 0

Total IPv6 AH packets processed since reset = 0

Total IPv6 ESP packets processed since reset = 0

Total IPv6 Fragment packets processed since reset = 0

Total IPv6 Routing Header packets processed since reset = 0

Total IPv6 ICMP packets processed since reset = 0

Total packets that were not IP processed since reset = 0

Total TCP packets processed since reset = 1466

Total UDP packets processed since reset = 0

Total ICMP packets processed since reset = 256

Total packets that were not TCP, UDP, or ICMP processed since reset = 0

Total ARP packets processed since reset = 0

abinjola Tue, 06/16/2009 - 04:33

use the following command

(config)# service analysis-engine

virtual-sensor vs0

(config-ana-vir)# physical-interface gigabitEthernet0/1

Now do show statistics virtual-sensor it should show gig0/1 assigned

Actions

This Discussion