Capture not allowed on a SPAN destination port

pslavkovsky · ‎11-23-2010

Hi all

I have 2 switches Cat6509E. each with IDSM module

I have on first switch this commands

intrusion-detection module 7 data-port 1 capture
intrusion-detection module 7 data-port 2 capture
intrusion-detection module 7 data-port 1 capture allowed-vlan 4,6,16,17,66
intrusion-detection module 7 data-port 2 capture allowed-vlan 68,70,74,134,145

And when I trying to put the same on second switch I will get this error message

Intrusion-detection-module 7 data-port 2: Capture not allowed on a SPAN destination port

What does it mean?

Output "sh monitor" is the same on both switches

Session 1
---------
Type                   : Service Module Session
Modules allowed        : 1-9
Modules active         : 1,7
BPDUs allowed          : Yes

Session 2
---------
Type                   : Local Session
Source VLANs           :
    Both               : 4
Destination Ports      : analysis-module 8 data-port 1

Peter

Shashank Singh · ‎11-26-2010

Hi,

From the error message, looks like module 7 data-port 2 is also a SPAN destination port. Can you check the configuration ?

If module 7 data-port 2 is not a SPAN destination, perform the following steps:

unconfigure "intrusion-detection module 7 data-port 2 capture",
configure "intrusion-detection module 7 data-port 2 capture allowed-vlan 68,70,74,134,145" FIRST and then
configure "intrusion-detection module 7 data-port 2 capture".

Let me know if this helps.

Please rate this answer if you found the content useful