Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Capture not allowed on a SPAN destination port

Hi all

I have 2 switches Cat6509E. each with IDSM module

I have on first switch this commands

intrusion-detection module 7 data-port 1 capture
intrusion-detection module 7 data-port 2 capture
intrusion-detection module 7 data-port 1 capture allowed-vlan 4,6,16,17,66
intrusion-detection module 7 data-port 2 capture allowed-vlan 68,70,74,134,145

And when I trying to put the same on second switch I will get this error message

Intrusion-detection-module 7 data-port 2:  Capture not allowed on a SPAN destination port

What does it mean?

Output "sh monitor" is the same on both switches

Session 1
---------
Type                   : Service Module Session
Modules allowed        : 1-9
Modules active         : 1,7
BPDUs allowed          : Yes


Session 2
---------
Type                   : Local Session
Source VLANs           :
    Both               : 4
Destination Ports      : analysis-module 8 data-port 1

Peter

  • LAN Switching and Routing
1 REPLY
Cisco Employee

Re: Capture not allowed on a SPAN destination port

Hi,


From the error message, looks like module 7 data-port 2 is also a SPAN destination port.  Can you check the configuration ?


If module 7 data-port 2 is not a SPAN destination, perform the following steps:


  • unconfigure "intrusion-detection module 7 data-port 2 capture",
  • configure "intrusion-detection module 7 data-port 2 capture allowed-vlan 68,70,74,134,145" FIRST and then
  • configure "intrusion-detection module 7 data-port 2 capture".


Let me know if this helps.


Please rate this answer if you found the content useful

463
Views
0
Helpful
1
Replies
This widget could not be displayed.