I have a 4230. It was working fine but when I issued the shutdown command, sometimes the box wouldnt come up or if it did it had disk corruption and I would have to re-image/recover with the CD. This was due to the following bug: http://www.cisco.com/warp/customer/770/fn15269.shtml I re-imaged the sensor and thought that everything was fine. Say the IP Address for my control NIC is 192.168.1.28. I reboot the sensor and do a 'ping 192.168.1.28 -t' when the sensor comes to the 'Initializing system....' I start getting a response. But right about when the login prompt comes up I stop getting responses from the NIC. This happens everytime. I have tried changing to a different IP Address and have check the default route and subnet mask and everything is fine. The switch port that the control NIC is on shows a link at 100full and the link light on the sensor NIC shows link. If I do a 'ifconfig -a' I see the interface as UP.
Do you have a keyboard and monitor attached to the system when you are seeing this problem? We have seen issues where some keyboards and monitors will lock up the system during initialization (a field notice is forthcoming). If this is the case, try connecting to the sensor with a laptop or a different keyboard and monitor to see if that fixes the problem. Or, since the system is already configured, you can boot headless and telnet into the sensor once it finishes booting.
Which brings up some other questions. How long did the sensor run before you started seeing this boot issue? Did it start happening when you rebooted the sensor after running 'sysconfig-sensor' the first time? What was the last change you made (that prompted a reboot)?
yes it did happen the first time after I ran 'sysconfig-sensor'. No there is no keyboard or monitor attached. I had a laptop connected to the unit. What happend was I ran into the hard disk corruption bug mentioned above, which rendered the unit un-bootable. So i unracked the unit and brang it to my desk. I then recovered/restored the sensor. I ran 'sysconfig-sensor', set up all the info and then rebooted it. After it rebooted and I verified that all the information recorded and saved right, I then re-racked the unit. After I re-racked it, I noticed that I could only ping the host while it was booting up, after it reached the login prompt, it dropped off the network. And yes the ip addresses that I tried from are in the 'allowed' access-list. I should be able to still ping the unit, even if the ip's where not in the access-list.
This is definitely strange. The fact that you can ping the box while it is booting indicates that the hardware is probably functioning properly. It sounds like part of the configuration is being overwritten. Have you tested connectivity out of the box? Also, look at the results of 'netstat -nr' to see if anything looks out of the ordinary.
If you would like to take this discussion offline, please e-mail me at email@example.com
yes that file is there. also i re-ran sysconfig-sensor a couple of times trying different things like: changing the sensors ip address, sensors name, its ID and through all the changes the symptoms stayed the same. If I do a 'snoop -d spwr0' which is the monitoring interface i see all the traffic that im suppose to see. If i do a 'snoop -d iprb0' which is the control interface all i see is SYN's for everything and ARP requests. NRCONNS shows SYS SENT not recieved.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :