At 06:10 PM 2/5/02, Bates, Steven (SIGNAL) wrote: >Actually what is going on is we are trying to get the port span feature >going on a 6509 with native ios. As soon as I turn on the >monitor session destination, the device that is plugged into the port can no >longer ping, etc.
I think port 1 on the IDS module is supposed to be the monitor session destination port. The ports or VLANs that you want to monitor are supposed to be the monitor session source ports. Is that what you have? Is it the IDS that can't ping? How do you have it configured? Did you give it an IP address and default gateway? > If this is an IDS that is monitoring an >egress pipe, how will it do session resets when appropriate? It's just monitoring. I doubt that it can send a session reset, whatever that means, but I could be wrong. I think the only thing the IDS module can send is an alarm after it detects an attack. Alarms are generated by the IDS module through the Catalyst 6000 family switch backplane to the Director or Cisco Secure PM. There's more info in the documentation here: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/idsm/idsm_2/13074_03.htm Priscilla >Steven Kell Bates ________________________ Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=34552&t=34469 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]