Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
588
Views
0
Helpful
1
Replies

Accessing IPS Module in a VRF

alex.dersch
Level 4
Level 4

‎02-17-2011 06:04 AM - edited ‎03-10-2019 05:16 AM

Hello Members,

i have installed a IPS Module on a router. Unfortunately the interface i use to access the router is in a VRF and i can't access the service module in this scenario. Here is the router config.

interface IDS-Sensor1/0
ip vrf forwarding CENTRAL
ip unnumbered GigabitEthernet0/0.100
service-module fail-open
!
hold-queue 60 out
end

interface GigabitEthernet0/0.100
description CONNECTION TO VRF CENTRAL
encapsulation dot1Q 100
ip vrf forwarding CENTRAL
ip address 172.16.2.14 255.255.255.248
ip flow ingress
ip flow egress
ids-service-module monitoring inline access-list 100
no cdp enable
end

and here the IPS module network config

network-settings
host-ip 172.16.2.13/29,172.16.2.9
telnet-option disabled
access-list 0.0.0.0/0

i get this error message when i try to access to module


Router01#service-module iDS-Sensor 1/0 session
Trying 172.16.2.14, 2067 ...
% Destination unreachable; gateway or host down

thanks for your feedback in advanced

alex

Labels:
0 Helpful
1 Reply 1

alex.dersch
Level 4
Level 4

‎02-17-2011 12:09 PM

it's working now. i had a vlan configuration error.

thanks anyways

alex

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card