Cisco IPS-4255-K9 Installation Guide - Page 338
Diagnosing IDSM2 Problems, Control Transaction Server
UPC - 746320951096
View all Cisco IPS-4255-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 338 highlights
Troubleshooting the IDSM2 Chapter A Troubleshooting • Status LED Off, page A-62 • Status LED On But the IDSM2 Does Not Come Online, page A-63 • Cannot Communicate With the IDSM2 Command and Control Port, page A-64 • Using the TCP Reset Interface, page A-66 • Connecting a Serial Cable to the IDSM2, page A-66 Diagnosing IDSM2 Problems Use the following list to diagnose IDSM2 problems: • The ribbon cable between the IDSM2 and the motherboard is loose. During physical handling of the module, the connector can come loose from the base card, and cause the daughter card and the base card to lose contact with each other. A loose ribbon cable connector causes an on-line diagnostic error on ports 7 and 8. The module cannot operate when this condition exists. For more information, refer to Partner Field Notice 29877. • Some IDSM2s were shipped with faulty DIMMs. For the procedure for checking the IDSM2 for faulty memory, refer to Partner Field Notice 29837. • The hard-disk drive fails to read or write. When the hard-disk drive has been in constant use for extended periods of time (for more than 2 weeks), multiple symptoms, such as the following, can occur: - An inability to log in - I/O errors to the console when doing read/write operations (the ls command) - Commands do not execute properly (cannot find the path to the executable) The switch reports that the module is ok, but if you log in to the Service account and try to execute commands, you see that the problem exists. The 4.1(4) service pack alleviates this problem, but if you reimage the IDSM2 with the 4.1(4) application partition image, you must apply the 4.1(4b) patch. For more information, refer to CSCef12198. • SensorApp either crashes or takes 99% of the CPU when IP logging is enabled for stream-based signatures (1300 series). For the workaround, refer to CSCed32093. • The IDSM2 appears to lock up and remote access is prohibited (SSH, Telnet, IDM, Event Server, Control Transaction Server, and IP log Server). This defect is related to using SWAP. The IDSM2 responds to pings. Apply the 4.1(4) service pack to resolve this issue. For more information, refer to CSCed54146. • Shortly after you upgrade the IDSM2 or you tune a signature with VMS, the IDSM2 becomes unresponsive and often produces a SensorApp core file. Apply the 4.1(4b) patch to fix this issue. • Confirm that the IDSM2 has the supported configurations. If you have confirmed that the IDSM2 does not suffer from any of the problems listed above and yet it appears unresponsive, for example, you cannot log in through SSH or Telnet, nor can you session to the switch, determine if the IDSM2 responds to pings and if you can log in through the service account. If you can log in, obtain a cidDump and any core files and contact TAC. For More Information • The IDSM2 has the same software architecture as the 4200 series sensors. You can use the same troubleshooting tools as outlined in Troubleshooting the Appliance, page A-23. • For information about the Bug Toolkit and how to access it, see Bug Toolkit, page A-1. A-60 Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 OL-18504-01