Re: Installing IDSM v2

mtumarinson · ‎01-22-2004

I installed IDSM v2 in my 6509 switch. I run a setup command and configured control interface and assigned an ip address to it. However, I can't ping it from any of my workstations. I did not apply any access-list to it. I think I know why I can't do it is becuase the interface is not in a proper VLAN. This is a question which is a management/control interface for IDSM v2. Thanks in advance

marcabal · ‎01-22-2004

Sorry for the confusion this was accidentally left out of the user docs, and is being added in the next revision of the docs.

For Cat OS:

Port 2 is the command and control interface.

place it in the proper vlan

Port 1 is a TCP Reset interface (no extra configuration needed).

Port 7 and 8 are the sniffing interfaces (need span or VACL Capture configurations to get traffic to them).

For Native IOS:

managememt-port is the command and control port

data-port 1 and 2 are the sniffing interface corresponding to sensing interfaces 7 and 8.

NOTE: Use the intrusion-detection module command for configuring the IDSM-2 ports.

mtumarinson · ‎01-22-2004

Thanks for the advice but I could not find the commands that you mention. I am running Native IOS Version 12.1(19)E. I pressume I have to be in config t mode. Let me know what I am doing wrong. Also if you have modified documentatin that I can take a look at I would really appreceate it

wardwalk · ‎01-23-2004

Hi Max,

As I recall, IOS 12.1(19)E is the minimum version for sup2/msfc2 while IOS 12.1(19)E1 is the minimum version for sup1a/msfc2. I suggest you upgrade IOS to 12.1(19)E1. I'll look for documentation about the IOS versions and switch configurations that support the IDSM2. What type of supervisor and MSFC/PFC does your switch have?

By the way...

Here's a link to configuring IOS to send traffic to the IDSM2:

http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_installation_and_configuration_guide_chapter09186a00801a0c95.html#589548

What's missing in that documentation are instructions for configuring the IDSM2 command/control port in IOS. To put the IDSM2 command/control port into the proper VLAN, use the following commands via the IOS CLI on your switch:

config t

intrusion-detection module management-port access-vlan

exit

wr mem

mtumarinson · ‎01-23-2004

I am running Sup1a with MSFC1. And now i am getting confused one document states it is suppored and the other document statest it does not. Here are the links for both documents

http://www.cisco.com/en/US/customer/products/hw/modules/ps2706/products_data_sheet09186a008019ab18.html

http://www.cisco.com/application/vnd.ms-powerpoint/en/us/guest/products/ps2706/c1161/ccmigration_09186a0080148737.ppt

marcabal · ‎01-23-2004

The Data Sheet is correct.

In Native IOS, the Sup1a with MSFC2 is supported but not the Sup1a with MSFC1.

It is wrong in the powerpoint presentation comparing the IDSM-1 and IDSM-2. The powerpoint presentation had been posted prior to release of the Native IOS support, and a mistake was made in listing which combinations were supported.

mtumarinson · ‎01-23-2004

Well do you think there is a problem with this statement? I just went and spent $40,000 on equipment that should work with my current infrastructure and it is not because there is wrong documentation posted on cisco site. Can you correct this issue; so at least other people would not find this out the hard way. I am definitely be calling my account rep and let him know about this as well. Thanks you all of you who helped me.

kwinkelman · ‎01-30-2004

I have another question related to this. The PPT shows Sup2 approved. The Datasheet shows Sup2 w/o PFC2 as not supported. So a PFC2 card is required for use with the Sup2?