Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
413
Views
0
Helpful
2
Replies

4215 problem with Inline Pair or 4FE

jterry
Level 1
Level 1

‎07-26-2005 07:18 AM - edited ‎03-10-2019 01:33 AM

Hi all,

I upgraded a 4215 from IDS to IPS 5.03 with Sig 181 and the BIOS update. Now I am unable to communicate through the sensor. I can ping the sensor only from int FA1(which I presume is actually FA0/1 in the config)

Here is my config:

service analysis-engine

virtual-sensor vs0

description default virtual sensor

logical-interface PAIR1

inline-interfaces PAIR1

interface1 FastEthernet0/1

interface2 FastEthernet1/2

exit

bypass-mode auto

service interface

physical-interfaces FastEthernet0/1

admin-state enabled

exit

physical-interfaces FastEthernet1/1

admin-state enabled

exit

physical-interfaces FastEthernet1/2

admin-state enabled

exit

Does anyone see anything obvious that I am overlooking?

The 4FE was working in IDS mode.

Thanks,

JT

Labels:
0 Helpful
2 Replies 2

umedryk
Level 5
Level 5

‎08-02-2005 07:32 AM

Do you see any error message ? Your config looks good, should be working.

0 Helpful

brhamon
Level 1
Level 1

‎08-02-2005 08:24 AM

A possible cause could be that you have network cables plugged into the wrong network interfaces on the back of the IDS-4215.

Beginning with IPS 5.0, on all existing sensor appliances, we name the network interfaces according to a Cisco standard. For a given slot (or main board) the interface physically closest to the power supply is lowest interface number (0), and the numbers increase as you move away from the power supply.

This naming convention is opposite from the silk screen interface names marked on the outside of IDS-4215 sensors.

The interface pair you call "PAIR1" includes the interface on the main board furthest from the power supply (called "FastEthernet0/1" on the command line, but which is labeled "FastEthernet0" on the back of the unit) and the third interface from the power supply on the 4FE module.

Hopefully my ASCII graphics make sense. This is what you would see looking at the rear of the IDS-4215:

O-X-O-O......X-O......PS

Each "X" or "O" represents a network interface. The Xs mark the two that are in PAIR1. "PS" is the power supply.

I recommend that you label your IDS-4215 interfaces, or blot out the silk screened names with a permanent marker, to avoid confusion in the future. We realize this causes some confusion, but moving to a naming standard will benefit you in the long run, especially if you have multiple Cisco products installed in your network.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card