6509 ids module can't communicate with network device

Unanswered Question
Oct 24th, 2002
User Badges:

I have one ids module installed in the 6509. I used the setup command to set the sensor's ip add :192.168.1.2 default gateway 192.168.1.1 . Then I set interface vlan 20 in msfc2, But the vlan 20 is down . I can't ping 192.168.1.2,

What is the problem?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jlimbo Thu, 10/24/2002 - 20:26
User Badges:

Can you confirm that your IDSM blade is supported on the version you are running, maybe your interfaces are not recognized. The show mod should show the sub = no and status = ok. If this is all ok then make sure you put the right interfaces into the correct vlan. By default port 2 should be command and control port and should be assigned to the correct vlan.

wshall Tue, 10/29/2002 - 18:26
User Badges:

Sorry to butt-in, I've got the same problem I believe. Just so I understand exactly:

I have a Vlan 240 which is where the IDS is to exist. From the 6500 I type SH Mod and see the module 4 (My IDS) port 1 is trunked, port 2 is on vlan1. Port 2 should be changed to Vlan 240 to have it configured correctly. Correct ?






marcabal Wed, 10/30/2002 - 08:29
User Badges:
  • Cisco Employee,

Correct,


The Control Port of the IDSM needs to be set on the vlan for the network to which it's IP Address has been assigned.

In your case: set vlan 240 4/2


NOTE: The vlan for the command and control does not have to be and is usually not the same as the vlan that is being monitored by port 1.

Port 1 by default trunks all vlans in the switch, but you may want to consider removing vlans from the trunk port that you will not be monitoring.


Actions

This Discussion