Hi, tried resetting module ie reset 8 hdd:1(the active partition) to no avail. Any thing else to try?

Resetting the blade will reboot the operating system which forces all connections to close.

So either there is a program out there that is trying to continually connect (maybe a configuration update from IDS MC??) or there is a bug in your IDSM that is preventing you from logging in or you are not giving the IDSM enough time to initialize after a reboot before trying to login.

Hi Marc, Unplugged the VMS hoping hit was trying to access the ISDM-1. No change.

Supply_6509_Secondar (enable) reset 8

This command will reset module 8.

Unsaved configuration on module 8 will be lost

Do you want to continue (y/n) [n]? y

Module 8 shut down in progress, please don't remove module until shutdown compl.

Supply_6509_Secondar (enable) Module 8 shutdown completed. Module resetting...

2003 Oct 14 14:19:04 edt -04:00 %SYS-3-SUP_OSBOOTSTATUS:Starting IDSM Diagnostis

2003 Oct 14 14:19:44 edt -04:00 %SYS-3-SUP_OSBOOTSTATUS:IDSM diagnostics comple.

2003 Oct 14 14:19:51 edt -04:00 %SYS-5-MOD_OK:Module 8 is online

2003 Oct 14 14:19:51 edt -04:00 %SYS-3-MOD_PORTINTFINSYNC:Port Interface in syn8

2003 Oct 14 14:19:51 edt -04:00 %DTP-5-TRUNKPORTON:Port 8/1 has become dot1q trk

Supply_6509_Secondar (enable) ping 10.246.1.193

!!!!!

----10.246.1.193 PING Statistics----

5 packets transmitted, 5 packets received, 0% packet loss

round-trip (ms) min/avg/max = 1/1/1

Supply_6509_Secondar (enable) telnet 10.246.1.193

Trying 10.246.1.193...

Connected to 10.246.1.193.

Escape character is '^]'.

Connection refused. Maximum users reached.

Supply_6509_Secondar (enable)

Im trying to telnet from the mgmt port of the 6509 chassis which the idsm blade resides, so not much else to

Telnet has worked previously, but this started when we tried to manage via VMS. We haven't been able to query, update etc with VMS.

Any other possibilities short of trying to reload an image.

Sensor version is : 3.0(6)S46

Thanks for your assistance.

Are you able to session to the IDSM-1 after reboot?

If you can session but not telnet then verify that the switches ip address is in the list of allowed hosts (permit entries in the access list).

I believe that "show conf" should show you the access list.

If the switches IP is not in the access list then enter configure terminal mode, and execute the direct-access command to add the switch to the access list.

NOTE: Do not use the setup command to modify the access-list as this will re-initialize all of your IDS configuration. Instead use the direct-access command to modify the access list.

In the meantime I will check with the IDSM developers to find out what else may be causing this message.

That error message is displayed regardless of the problem encountered during the login attempt. To do otherwise would leak information.

You will notice that the error message is displayed before the username and password was even requested. In this situation, the reason is almost assuredly an access list problem. Mark, just add the IP address of the remote host (the one on which you're running the telnet client) to the list of allowed hosts. You can do this by sessioning in from the supervisor because the supervisor is always allowed access.

I would also recommend that you enable SSH and use it exclusively in place of telnet. Need a free SSH client? I recommend PuTTY for Windows and OpenSSH for Unix-like systems.

Thank you for you assistance. I tried all but to no avail. I finally reimaged(IDSMk9-a-3.0-1-S4-5.xxx) the IDSM blade via ftp and applied the 3.0(6) S42 sp update via ftp and I am now able to telnet into the sensor blade.