Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

NME-IPS K9 running in 3845 not accessible

I am not able to ping or ssh into my IPS module. I am not able to access it via the router either. When I try to create a session via the router I get the following : Trying xx.xxx.xxx.xxxx, 2114 Open..... and it just sits there. Is there another way to access it and/or reboot the module, without restarting the router.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: NME-IPS K9 running in 3845 not accessible

Hello,

1. You can reset the NME-IPS module from the Router CLI.

This will only reset the NME-IPS not the Router.

router# service-module ids-sensor 1/0 reset
       Use reset only to recover from shutdown or failed state
       Warning: May lose data on the hard disc!
       Do you want to reset?[confirm]

http://tools.cisco.com/squish/b63A4


2. After it comes back up, check if the
module is responsive.
You can also issue: 'show inventory' and check if the module is even detected by the router.
If the module is not even detected by the router, it may be an hardware issue.


3. Check if the module is correctly configured.
Check my configuration document for this.

https://supportforums.cisco.com/docs/DOC-12364


Sid Chandrachud
TAC Security Solutions

4 REPLIES
Cisco Employee

Re: NME-IPS K9 running in 3845 not accessible

Hello,

1. You can reset the NME-IPS module from the Router CLI.

This will only reset the NME-IPS not the Router.

router# service-module ids-sensor 1/0 reset
       Use reset only to recover from shutdown or failed state
       Warning: May lose data on the hard disc!
       Do you want to reset?[confirm]

http://tools.cisco.com/squish/b63A4


2. After it comes back up, check if the
module is responsive.
You can also issue: 'show inventory' and check if the module is even detected by the router.
If the module is not even detected by the router, it may be an hardware issue.


3. Check if the module is correctly configured.
Check my configuration document for this.

https://supportforums.cisco.com/docs/DOC-12364


Sid Chandrachud
TAC Security Solutions

Community Member

Re: NME-IPS K9 running in 3845 not accessible

I was able to reset the module, using the command you mentioned. It does show up under sh inventory. Also I am now able to login, via session, but still cannot ping or connect to it via IME or IDM. I am able to ping out. What am I missing here

Cisco Employee

Re: NME-IPS K9 running in 3845 not accessible

a. Can you paste the output of the following commands from the NME-IPS cli:

- show version

- show interface

b. Essentially 2 things to check.

1. If  IPS is still in crashed state: show version should show main app & analysis engine as 'running' under normal conditions.

2. Nothing is plugged into the management port on the outside of the NME-IPS.

Remember, when you console into the module from router, the connection goes over the backplane port gig0/1.

IME/IDM connection goes to management0/1 interface.

So management 0/1 port needs to have an ip address, and cable needs to be plugged into the external port on NME-IPS module.

c. Please do go through:

https://supportforums.cisco.com/docs/DOC-12364

Make sure the external port has a cable plugged in, and management 0/1 has an ip on it.

- Sid

Community Member

Re: NME-IPS K9 running in 3845 not accessible

Used the reload (in addition to the reset) comand and it came up. Thanks for your help

805
Views
0
Helpful
4
Replies
CreatePlease to create content