IDSM data port status down

safe · ‎09-16-2006

Dear all,

I am facing strange problem with 6500 IDS module.Management port of IDSM is up and Data port 2 Operational Mode: down.When i check traffic on this port it is one way only.I can able to ping IDSM management IP but when i try to telnet it given only banner after that it hang.

Will i need to reset IDS module to solve this problem.Is there any other way to solve this problem.

THanks & Regards

SAM

oabduo983 · ‎09-16-2006

Hi Sam,

Do you have an access-list configured to allow your IP? check using the setup command and add your IP address if it is not listed there!

I hope this helps...

Regards,

safe · ‎09-17-2006

Thanks for your reply,

Actually we did not make any changes in configuration.This is working configuration.We can able to ping IDS IP , but when try to telnet i got banner of IDS but does not allow me to give any commands.

I am little bit confused about data port of IDS.Operation mode of IDSM is down.

-------------------

MSFC_SW#sh intrusion-detection module 8 data-port 2 sta

Intrusion-detection module 8 data-port 2:

Switchport: Enabled

Administrative Mode: trunk

Operational Mode: down

Administrative Trunking Encapsulation: dot1q

Negotiation of Trunking: Off

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Trunking VLANs Enabled: NONE

Pruning VLANs Enabled: 2-1001

Capture Mode Enabled

Capture VLANs Allowed: 1-150

Vlans allowed on trunk:none

Vlans allowed and active in management domain: none

Vlans in spanning tree forwarding state and not pruned:

none

Administrative Capture Mode: Enabled

Administrative Capture Allowed-vlans: 1-150

MSFC_SW#

-------------------------------

MSFC_SW#sh intrusion-detection module 8 data-port 2 traffic

Intrusion-detection module 8 data-port 2:

Specified interface is up line protocol is down (monitoring)

Hardware is C6k 1000Mb 802.3, address is 000f.905c.6407 (bia 000f.905c.6407)

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 1000Mb/s

input flow-control is off, output flow-control is unsupported

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 2350000 bits/sec, 2355 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 input packets with dribble condition detected

21555252761 packets output, 3201907351815 bytes, 0 underruns

0 output errors, 0 collisions, 3 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

MSFC_SW#

--------------------------------------

This is interface status in MSFC.

Hope now you can understand my problem.

TIA

SAM

amitmarathe · ‎02-07-2009

I am having the same issue with IDSM-2. IDSM port goes down intermitantly. Is this a back plane issue?

dinesh.das · ‎02-10-2009

Hi SAM,

If you are using SPAN for IDSM and that date port are in MONITORING mode.

The basic characteristic of a SPAN destination port is that it does not transmit any traffic except the traffic required for the SPAN session. If you need to reach (IP reachability) the network analyzer / security device through the SPAN destination port, you need to enable ingress traffic forwarding.

Your access problem is not related to this, try with http/https access

DD