07-26-2005 07:18 AM - edited 03-10-2019 01:33 AM
Hi all,
I upgraded a 4215 from IDS to IPS 5.03 with Sig 181 and the BIOS update. Now I am unable to communicate through the sensor. I can ping the sensor only from int FA1 (which I presume is actually FA0/1 in the config).
Here is my config:
service analysis-engine
virtual-sensor vs0
description default virtual sensor
logical-interface PAIR1
inline-interfaces PAIR1
interface1 FastEthernet0/1
interface2 FastEthernet1/2
exit
bypass-mode auto
service interface
physical-interfaces FastEthernet0/1
admin-state enabled
exit
physical-interfaces FastEthernet1/1
admin-state enabled
exit
physical-interfaces FastEthernet1/2
admin-state enabled
exit
Does anyone see anything obvious that I am overlooking?
The 4FE was working in IDS mode.
Thanks,
JT
08-02-2005 07:32 AM
Do you see any error message? Your config looks good, should be working.
08-02-2005 08:24 AM
A possible cause could be that you have network cables plugged into the wrong network interfaces on the back of the IDS-4215.
Beginning with IPS 5.0, on all existing sensor appliances, we name the network interfaces according to a Cisco standard. For a given slot (or main board) the interface physically closest to the power supply is the lowest interface number (0), and the numbers increase as you move away from the power supply.
This naming convention is opposite from the silk screen interface names marked on the outside of IDS-4215 sensors.
The interface pair you call "PAIR1" includes the interface on the main board furthest from the power supply (called "FastEthernet0/1" on the command line, but which is labeled "FastEthernet0" on the back of the unit) and the third interface from the power supply on the 4FE module.
Hopefully my ASCII graphics make sense. This is what you would see looking at the rear of the IDS-4215:
O-X-O-O......X-O......PS
Each "X" or "O" represents a network interface. The Xs mark the two that are in PAIR1. "PS" is the power supply.
I recommend that you label your IDS-4215 interfaces, or blot out the silk screened names with a permanent marker, to avoid confusion in the future. We realize this causes some confusion, but moving to a naming standard will benefit you in the long run, especially if you have multiple Cisco products installed in your network.
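The naming rule from the reply above, as an added example that is not part of the original thread: it reads the inline pair out of a sensor config, redraws the rear-panel diagram with the ports to cable marked, and lists any pair member that is not admin-enabled. The function names are hypothetical, and the port counts per slot (2 on the main board, 4 on the 4FE) are an assumption taken from the ASCII diagram.

```python
import re

# Constructed sample: the inline pair and its two member interfaces from the posted config.
SAMPLE_CONFIG = """\
inline-interfaces PAIR1
interface1 FastEthernet0/1
interface2 FastEthernet1/2
exit
physical-interfaces FastEthernet0/1
admin-state enabled
exit
physical-interfaces FastEthernet1/2
admin-state enabled
exit
"""

# Assumption from the rear-view diagram: slot 0 (main board) has 2 ports and
# sits next to the power supply; slot 1 (4FE module) has 4 ports.
PORTS_PER_SLOT = {0: 2, 1: 4}

def parse(config):
    """Return ({pair name: [member interfaces]}, {admin-enabled interfaces})."""
    pairs, enabled, pair, phys = {}, set(), None, None
    for line in config.splitlines():
        words = line.split() or [""]
        if words[0] == "inline-interfaces":
            pair, phys = words[1], None
            pairs[pair] = []
        elif words[0] == "physical-interfaces":
            phys, pair = words[1], None
        elif words[0] in ("interface1", "interface2") and pair:
            pairs[pair].append(words[1])
        elif words[:2] == ["admin-state", "enabled"] and phys:
            enabled.add(phys)
    return pairs, enabled

def rear_view(members):
    """Draw the rear panel as in the reply: X = pair member, O = other port."""
    marked = {tuple(map(int, re.fullmatch(r"FastEthernet(\d+)/(\d+)", n).groups()))
              for n in members}
    groups = []
    for slot in sorted(PORTS_PER_SLOT, reverse=True):    # furthest slot is leftmost
        ports = range(PORTS_PER_SLOT[slot] - 1, -1, -1)  # port 0 is nearest the PS
        groups.append("-".join("X" if (slot, p) in marked else "O" for p in ports))
    return "......".join(groups + ["PS"])

def check_pair(config, name):
    """Return (rear-panel diagram, pair members that are not admin-enabled)."""
    pairs, enabled = parse(config)
    return rear_view(pairs[name]), [m for m in pairs[name] if m not in enabled]
```

For the sample config, `check_pair(SAMPLE_CONFIG, "PAIR1")` reproduces the diagram drawn in the reply and reports no disabled members.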