Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IDSM data port status down

Dear all,

I am facing strange problem with 6500 IDS module.Management port of IDSM is up and Data port 2 Operational Mode: down.When i check traffic on this port it is one way only.I can able to ping IDSM management IP but when i try to telnet it given only banner after that it hang.

Will i need to reset IDS module to solve this problem.Is there any other way to solve this problem.

THanks & Regards

SAM

4 REPLIES
Bronze

Re: IDSM data port status down

Hi Sam,

Do you have an access-list configured to allow your IP? check using the setup command and add your IP address if it is not listed there!

I hope this helps...

Regards,

New Member

Re: IDSM data port status down

Thanks for your reply,

Actually we did not make any changes in configuration.This is working configuration.We can able to ping IDS IP , but when try to telnet i got banner of IDS but does not allow me to give any commands.

I am little bit confused about data port of IDS.Operation mode of IDSM is down.

-------------------

MSFC_SW#sh intrusion-detection module 8 data-port 2 sta

Intrusion-detection module 8 data-port 2:

Switchport: Enabled

Administrative Mode: trunk

Operational Mode: down

Administrative Trunking Encapsulation: dot1q

Negotiation of Trunking: Off

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Trunking VLANs Enabled: NONE

Pruning VLANs Enabled: 2-1001

Capture Mode Enabled

Capture VLANs Allowed: 1-150

Vlans allowed on trunk:none

Vlans allowed and active in management domain: none

Vlans in spanning tree forwarding state and not pruned:

none

Administrative Capture Mode: Enabled

Administrative Capture Allowed-vlans: 1-150

MSFC_SW#

-------------------------------

MSFC_SW#sh intrusion-detection module 8 data-port 2 traffic

Intrusion-detection module 8 data-port 2:

Specified interface is up line protocol is down (monitoring)

Hardware is C6k 1000Mb 802.3, address is 000f.905c.6407 (bia 000f.905c.6407)

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 1000Mb/s

input flow-control is off, output flow-control is unsupported

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 2350000 bits/sec, 2355 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 input packets with dribble condition detected

21555252761 packets output, 3201907351815 bytes, 0 underruns

0 output errors, 0 collisions, 3 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

MSFC_SW#

--------------------------------------

This is interface status in MSFC.

Hope now you can understand my problem.

TIA

SAM

New Member

Re: IDSM data port status down

I am having the same issue with IDSM-2. IDSM port goes down intermitantly. Is this a back plane issue?

New Member

Re: IDSM data port status down

Hi SAM,

If you are using SPAN for IDSM and that date port are in MONITORING mode.

The basic characteristic of a SPAN destination port is that it does not transmit any traffic except the traffic required for the SPAN session. If you need to reach (IP reachability) the network analyzer / security device through the SPAN destination port, you need to enable ingress traffic forwarding.

Your access problem is not related to this, try with http/https access

DD

270
Views
0
Helpful
4
Replies
CreatePlease login to create content