Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1430
Views
9
Helpful
3
Replies

show ip sockets output

dmayne
Level 1
Level 1

‎05-02-2006 07:25 AM

When I run the show ip sockets from the CLI on a Cat 3500XL switch, I get some unexpected results.

On 3 switches that are interconnected, there is a client device (10.2.73.45) that shows a connection to port 33521. These entries show up everyday when I perform the query. Does anyone know what might be going on here - what I can check on the client pc (I plan on running a netstat)

nycs-s200101#show ip sockets

Proto Remote Port Local Port In Out Stat TTY OutputIF

17 0.0.0.0 123 10.2.72.10 123 0 0 1 0

17 10.2.73.45 33521 10.2.72.10 161 0 0 1 0

17 10.2.90.128 514 10.2.72.10 51153 0 0 0 0

Labels:
0 Helpful
3 Replies 3

vladrac-ccna
Level 5
Level 5

‎05-02-2006 05:27 PM

161 indicates that this host is accessing your switch on SNMP services.

could be a monitoring device? cisco works?

HTH,

if it does, Id appreciate if you rate this post.

Vlad

0 Helpful

dmayne
Level 1
Level 1
In response to vladrac-ccna

‎05-04-2006 11:26 AM

Vlad,

Thank you for this response. The ip address in question is actually a client machine. This device should not be monitoring our switches. Do you know of a way to disconnect this from the switch side?

0 Helpful

David Stanford
Cisco Employee
Cisco Employee
In response to dmayne

‎05-04-2006 06:32 PM

If its port 161 then its polling the switch via the read or read-write community strings. You could either change the comm strings (may not be feasible) or put an access-list on the community strings preventing that client from polling the switch.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card