Hwic 4esw monitor Session

Currently running a hwic 4esw module in a 2800 series router and we are using websense so I’m trying to use Monitor session to mirror the traffic over for websense to see. The only problem is that the route locks up every week and doesn’t allow any traffic out. Any ideas?

I need some clarifications from your side to help you out with the problem.Are you able to normally ping the Websense server from the PIX? .When the problem occurs are you able to ping the websense server from the PIX?. Is the PIX reachable from the rest of the network when the problem occurs?
Send me these details so that I can help you further.

Similar Messages

  • HWIC-4ESW capable of DSCP marking?

    Hello. Does anyone know if the HWIC-4ESW card is capable of classifying traffic and marking DSCP values on those packets?
    Thanks,
    Mike

    Hello Mike,
    this is from the relevant Q&A: QoS to DSCP mapping is supported:
    Q. What features are supported on the Cisco EtherSwitch HWICs?
    A. The following features are supported on the Cisco EtherSwitch HWICs:
    Up to 15 individual VLANs per 4- or 9-port Cisco EtherSwitch HWIC
    IEEE 802.1Q tagged and untagged VLANs
    Virtual Trunking Protocol (VTP) support for client, server, and transparent modes
    Layer 2 MAC-related feature support:
    Secure MAC addresses
    Static and Dynamic MAC addressing
    2000 MAC addresses
    Port application support
    SPAN port monitoring
    Per-port storm control for broadcasts, unicasts, and multicasts
    QoS feature support
    IEEE 802.1p class-of-service (CoS) priority for 802.1Q tagged frame
    Port-based priority for native frames
    Port priority to overwrite the IEEE 802.1p priority
    Strict priority and Weighted Round Robin CoS policies
    CoS-to-differentiated services code point (DSCP) mapping
    Internet Group Management Protocol (IGMP) snooping
    Network Time Protocol (NTP) support
    IEEE 802.1D spanning tree and Spanning Tree Protocol PortFast
    Secure port filtering (200 secure MAC addresses)
    Simple Network Management Protocol (SNMP) support
    Telnet client and server support
    Cisco Discovery Protocol Versions 1 and 2 support
    Fallback bridging
    802.1x authentication
    IEEE 802.3af-compliant PoE
    Q. What features are not supported on the 4- and 9-port Cisco EtherSwitch HWICs?
    A. The following features are not supported on the Cisco EtherSwitch HWICs:
    Layer 3 switching (this is done through the router)
    Dynamic VLAN for access port
    VTP pruning
    Network port
    Routed port
    Per-port enabling and disabling of unknown multicast and unicast packets
    Cisco Group Management Protocol (GMP) client
    Rate limiting
    Cisco Cluster Management Suite (CMS) support
    HTH,
    GP

  • I am trying to get NAT working on a Cisco 2801 with HWIC-4ESW.

    I have a 2801 that had a failed Fe0/1 port.  The Fe0/1 port was used to give sub-interface Fe0/0.200 access to internet.  We installed a HWIC-4ESW into the 2801.  I have successfully moved the sub-interfaces ( 0/0.1 , 0/0.100 , and 0/0.200 ) from the Fe0/0 to the HWIC-4ESW.  I have reconfigured the Fe0/0 to connect to my ISP.  However, I cannot get traffic from vlan200 to pass to the internet over Fe0/0.   I have a guest wireless network set for vlan 200.  Clients get an IP address in the appropriate range (192.168.200.0), but they cannot get to the internet.  Below I have included the results of "sh ip int brief" and some of the "sh run".  I think that it is something simple, but I canot get it working.  
    Help would be appreciated.
    Interface IP-Address OK? Method Status Protocol
    FastEthernet0/0 ***.**.244.194 YES manual up up
    FastEthernet0/0.200 unassigned YES unset deleted down
    Service-Engine0/0 192.168.100.254 YES TFTP up up
    FastEthernet0/1 unassigned YES NVRAM administratively down down
    FastEthernet0/1/0 unassigned YES unset up up
    FastEthernet0/1/1 unassigned YES unset up up
    FastEthernet0/1/2 unassigned YES unset administratively down down
    FastEthernet0/1/3 unassigned YES unset administratively down down
    Serial0/3/0:0 unassigned YES unset down down
    Serial0/3/0:1 unassigned YES unset down down
    Serial0/3/0:2 unassigned YES unset down down
    Serial0/3/0:3 unassigned YES unset down down
    Serial0/3/0:4 unassigned YES unset down down
    Serial0/3/0:5 unassigned YES unset down down
    Serial0/3/0:6 unassigned YES unset down down
    Serial0/3/0:7 unassigned YES unset down down
    Serial0/3/0:8 unassigned YES unset down down
    Serial0/3/0:9 unassigned YES unset down down
    Serial0/3/0:10 unassigned YES unset down down
    Serial0/3/0:11 unassigned YES unset down down
    Serial0/3/0:12 unassigned YES unset down down
    Serial0/3/0:13 unassigned YES unset down down
    Serial0/3/0:14 unassigned YES unset down down
    Serial0/3/0:15 unassigned YES unset down down
    Serial0/3/0:23 unassigned YES NVRAM up up
    Vlan1 192.168.1.254 YES NVRAM up up
    Vlan100 192.168.100.254 YES NVRAM up up
    Vlan200 192.168.200.254 YES NVRAM up up
    NVI0 ***.12.244.194 YES unset administratively down down
    ip source-route
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.100.1 192.168.100.99
    ip dhcp excluded-address 192.168.100.200 192.168.100.254
    ip dhcp excluded-address 192.168.200.1 192.168.200.99
    ip dhcp excluded-address 192.168.200.200 192.168.200.254
    ip dhcp pool Phones
    network 192.168.100.0 255.255.255.0
    option 150 ip 192.168.100.254
    default-router 192.168.100.254
    dns-server 192.168.1.8
    ip dhcp pool guestwireless
    network 192.168.200.0 255.255.255.0
    default-router 192.168.200.254
    dns-server 8.8.8.8 8.8.4.4
    ip cef
    no ip domain lookup
    ip domain name pwa.com
    ip name-server 8.8.8.8
    ip name-server 8.8.4.4
    controller T1 0/3/0
    pri-group timeslots 1-16,24
    controller T1 0/3/1
    shutdown
    gw-accounting aaa
    gw-accounting syslog
    interface FastEthernet0/0
    description Guestwireless route to internet
    ip address ***.**.244.194 255.255.255.240
    ip nat outside
    ip virtual-reassembly
    duplex auto
    speed auto
    interface Service-Engine0/0
    ip unnumbered Vlan100
    service-module ip address 192.168.100.200 255.255.255.0
    service-module ip default-gateway 192.168.100.254
    no cdp enable
    interface FastEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    interface FastEthernet0/1/0
    description trunk to switch
    switchport mode trunk
    duplex full
    speed 100
    interface FastEthernet0/1/1
    description voice
    switchport access vlan 100
    interface FastEthernet0/1/2
    shutdown
    interface FastEthernet0/1/3
    shutdown
    interface Serial0/3/0:23
    no ip address
    encapsulation hdlc
    isdn switch-type primary-ni
    isdn incoming-voice voice
    isdn supp-service name calling
    no cdp enable
    interface Vlan1
    description Data
    ip address 192.168.1.254 255.255.255.0
    interface Vlan100
    description voice vlan
    ip address 192.168.100.254 255.255.255.0
    h323-gateway voip bind srcaddr 192.168.100.254
    interface Vlan200
    description Guestwireless Data
    ip address 192.168.200.254 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip forward-protocol nd
    ip http server
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip http path flash:
    ip nat inside source list 10 interface FastEthernet0/0 overload
    ip route 0.0.0.0 0.0.0.0 192.168.1.1
    ip route 192.168.100.200 255.255.255.255 Service-Engine0/0
    ip route 192.168.200.0 255.255.255.0 FastEthernet0/0
    ip radius source-interface Vlan100
    access-list 10 permit 192.168.200.0 0.0.0.255

    So, I just built this in the lab, and it seemed to work ok. I attached a sparse config, but it does let my host on the GuestWireless get the internet via NAT.
    R2#sh ip nat translations vrf GuestWireless
    Pro Inside global      Inside local       Outside local      Outside global
    icmp 17.12.244.194:5   192.168.200.1:5    1.1.1.1:5          1.1.1.1:5
    R2#sh ip route vrf GuestWireless
    Routing Table: GuestWireless
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2
           i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
           ia - IS-IS inter area, * - candidate default, U - per-user static route
           o - ODR, P - periodic downloaded static route
    Gateway of last resort is 17.12.244.195 to network 0.0.0.0
         17.0.0.0/28 is subnetted, 1 subnets
    C       17.12.244.192 is directly connected, FastEthernet0/0
    C    192.168.200.0/24 is directly connected, Vlan200
    S*   0.0.0.0/0 [1/0] via 17.12.244.195

  • Monitor Sessions can't see most sessions?

    Symptom: Session Monitor nearly always displays “No text available” for a session’s current statement.
    Diagnosis:
    1.     I can’t see SQL for most sessions, even if I login as user SYS with the SYSDBA privilege.
    2.     Manual says:
    Monitor Sessions: Displays the status of one or more sessions, using information from the V$RSRC_SESSION_INFO view, which shows how the session has been affected by the Oracle Database Resource Manager.
    3.     When connected as system, I can select from the table Session Monitor uses, both on the server and via SQL Developer:
    SQL> select count(*) from V$RSRC_SESSION_INFO;
    50
    4.     In comparison, TOAD can display SQL for any user if I connect as user system . Run side by side, TOAD displays SQL for sessions that SQL Developer won’t display.

    Might be that TOAD displays the last executed statement rather than sqldev's current executing statement?
    K.

  • HWIC-4ESW having same MAC address with fa0/0 from CISCO2811 router.

    Hi Expert, I Have a situation where a 2811 is configured with 2 VLANs from HWIC-4ESW module, different ports configured, however the VLAN interfaces have the same mac-address with fa0/0 which causes ARP poisoning problem. It that anyway to solve this problem?

    Hi Lee,
    My understanding is, this is expected behavior and is due to the hardware limitation of the HWIC-4ESW Module. And I think the HWIC-4ESW Module (at least from my lab testing) always takes the MAC Address of the first on board LAN Interface.
    Also, I am able to change the MAC Address of the first on board LAN Interface (Ex.Gig0/0) but I cannot change the MAC Address of the VLAN SVI.
    I hope it helps.
    Regards,
    Arul
    ** Please rate all helpful posts **

  • Monitoring sessions invoked by a user SQL Developer

    Hello Everyone ,
    I am a DBA and lot of developers use SQL Developer for their tasks. Off late we have been facing few issues with SQL Developer.
    Developers close the working session by "alt+f4" and strangely their sessions are active in the DB's. What is the cause for this ?
    Rollback of DML statements takes hours for statements submitted by SQL Developer.
    Does OCI driver help in any way ?
    Is there any way that I can allow individual users to monitor their sessions in SQL Developer?
    Suppose a user connects with a generic application username "xyz" , can I allow the user "xyz"  to monitor sessions invoked by him and also provide him privileges to kill his/her own session.
    We are facing lot of performance issues , so help in this regard would be highly appreciated.
    Even pointing me towards appropriate documentation would do.
    Thanks in anticipation.

    1006957 wrote:
    I am a DBA and lot of developers use SQL Developer for their tasks. Off late we have been facing few issues with SQL Developer.
    Developers close the working session by "alt+f4" and strangely their sessions are active in the DB's. What is the cause for this ?
    Rollback of DML statements takes hours for statements submitted by SQL Developer.
    Does OCI driver help in any way ?
    Is there any way that I can allow individual users to monitor their sessions in SQL Developer?
    Suppose a user connects with a generic application username "xyz" , can I allow the user "xyz"  to monitor sessions invoked by him and also provide him privileges to kill his/her own session.
    We are facing lot of performance issues , so help in this regard would be highly appreciated.
    Even pointing me towards appropriate documentation would do.
    Once the DB begins work on a task it will continue that work until: 1) the work is complete, 2) an exception occurs or 3) it discovers that the client is no longer there.
    If you begin a transaction (complex query, sorts, etc) that is lengthy it may be a while before the DB even tries to communicate with the client. Then all of that work must be rolled back and the rollback (e.g. for an update or delete) can take much longer than the query took to begin with. That is just the way Oracle works.
    If a user connects as "xyz" then the only 'sessions invoked by him' are that ONE session. Any other user might also create a session by connecting as "xyz"; Oracle has no way of knowing if ALL sessions connecting as "xyz" belong to the same person or not.
    The ALTER SYSTEM privilege must be granted to allow someone to 'kill his/her own session' but that privilege would allow them to kill any other session, including system sessions.
    You could write a procedure to try to control the privilige, as in the following thread, but that also has risks:
    https://forums.oracle.com/thread/256935
    It is a DBA responsibility to control sessions, not the developers. You should NOT give this ability to the developers IMHO. If your developers are abusing your system it indicates that they need more training in how to prevent runaway queries. A common cause of the problem you describe is when a developer submits a query and then thinks they can just cancel it and start over and they DO NOT UNDERSTAND the first statement I made above: Oracle will keep working.
    The proper solution to your problem is to begin logging your developer's requests for session termination so that you can properly monitor the problem and detect developers that need additional instruction or mentoring to keep the problem from happening. Although anyone, even experts, can accidentally let a query get out of control, your problem doesn't occur very frequently for experienced developers.
    The DISCONNECT option only politely requests Oracle to terminate the session so it make take considerable time to clean everything up.
    If you really need to terminate the session you need to use DISCONNECT IMMEDIATE. See the disconnect session clause of alter system in the sql language doc
    http://docs.oracle.com/cd/B28359_01/server.111/b28286/statements_2013.htm#sthref4725
    {quote}
    DISCONNECT SESSION Clause
    Use the DISCONNECT SESSION clause to disconnect the current session by destroying the dedicated server process (or virtual circuit if the connection was made by way of a Shared Sever). To use this clause, your instance must have the database open. You must identify the session with both of the following values from the V$SESSION view:
      For integer1, specify the value of the SID column.
      For integer2, specify the value of the SERIAL# column.
    If system parameters are appropriately configured, then application failover will take effect.
      The POST_TRANSACTION setting allows ongoing transactions to complete before the session is disconnected. If the session has no ongoing transactions, then this clause has the same effect described for as KILL SESSION.
      The IMMEDIATE setting disconnects the session and recovers the entire session state immediately, without waiting for ongoing transactions to complete.  If you also specify POST_TRANSACTION and the session has ongoing transactions, then the IMMEDIATE keyword is ignored.
      If you do not specify POST_TRANSACTION, or you specify POST_TRANSACTION but the session has no ongoing transactions, then this clause has the same effect as described for KILL SESSION IMMEDIATE.
    {quote}

  • 30EA3: Monitor sessions grid freezes when scrolling lo last session

    Hi,
    I've found an issue with the Monitor Sessions grid.
    Steps to reproduce the problem (scenario I have tested an reproduced the issue)
    1. Open monitor sessions window
    2. Order the grid by "OS User" column (In this scenario, my "OS user" is the last one alphabetically)
    3. Scroll down in the grid, until reach the last record (as mentioned above, the last session is the same session that is monitoring since my user is the last one alphabetically)
    Then SQL Developer freezes, processor time and memory start to increase; and also, seems that SQL Developer window is trying to get the focus, so it doesnt let me navigate freely to other applications, is even difficult to open task manager to kill the process since SQL developer window in the background keeps getting the focus of mouse and keyboard.
    Thanks and regards
    Ramiro Teran

    Hi Raghu,
    1. As I mentioned, the scenario I tested was the "Monitor Sessions" grid, at first I only tested scrolling down to the last record, in the master grid using the mouse wheel, but now I have also tried crtl+end, and it also happens
    2. 184 records in parent grid (Sessions)
    3. The child grid is the "Active SQL" tab (first tab) of the detail of the session.
    4. Yes, there was a cell in master selected, but when scrolling down and reaching the bottom (or doing ctrl+end), then the last cell is selected automatically, and SQLDeveloper freezes.
    As mentioned in my first post, the SQLDeveloper not only freezes, but doesn't let you navigate to other windows (every couple of seconds SQLDeveloper gets focus on its window, even though is frozen)
    I have took an screenshot showing the issue, even though, maybe you can't appreciate the issue on an image, since the image only shows the last record of the monitor sessions grid selected, (at that time SQL developer is hanged, and doens't respond to clics or keyboard comands). Also it shows the Task Manager showing increased memory and CPU ussage from the SQL Developer process. If you're interested in this screenshot, let me know where/how to upload it
    Thanks and Regards
    Ramiro

  • App-V 5: An error was encountered while trying to stop the monitoring session

    Hello,
    I have a problem with sequencing an application with the App-V 5 sequencer. During the moment that the sequencer is collecting system changes an dialog box appears with the message "An error was encountered while trying to stop the monitoring session.
    Please check the event log for more details.". When I sequence the same application with App-V 4.6 SP2 sequencer I have no problems.
    In the eventviewer (Microsoft-AppV-Sequencer/Admin) you can see the message "An attempt to stop the monitoring session failed (startIndex cannot be large than lenght of string. Parameter name: startIndex). Event Id: 5003
    I have checked the background activities, but I couldn't find anything suspicious.

    Is the only difference between the platform the sequencer is hosted on the version of the sequencer? have you tested on a vanilla deployment of Windows?
    Please remember to click "Mark as Answer" or "Vote as Helpful" on the post that answers your question (or click "Unmark as Answer" if a marked post does not actually
    answer your question). This can be beneficial to other community members reading the thread.
    This forum post is my own opinion and does not necessarily reflect the opinion or view of my employer, Microsoft, its employees, or other MVPs.
    Twitter:
    @stealthpuppy | Blog:
    stealthpuppy.com |
    The Definitive Guide to Delivering Microsoft Office with App-V

  • How to enable routing between HWIC-4ESW and Onboard FE on cisco 1841 router..?

    Hello All,
    I have a cisco 1841 router, recently i have purchased HWIC-4ESW slot for my router. The module is working fine i could able to see additional FE ports(fe0/0/0,fe0/0/1...).Now problem comes in routing i.e. these HWIC-4ESW ports and Onboard FEs are not communicating.If any bode knows the solution kindly let me know the configuration details..
    Thanks,Sazz

    Hi,
    Look at the configs below.
    How can I use IP Routing so communication is possible across all subnets?
    Router>en
    Router#config t
    Router(config)#int fa0/0
    Router(config-if)#description ***INTERNET***
    Router(config-if)#ip address xxx.xxx.xxx.xxx 255.255.255.252
    Router(config-if)#no shut
    Router(config-if)#ip nat outside
    Router(config-if)#exit
    !On-board interface
    Router(config)#int fa0/1
    Router(config-if)#description ***LAN***
    Router(config-if)#ip address 10.0.xxx.xxx 255.255.255.0
    Router(config-if)#no shut
    Router(config-if)#ip nat inside
    Router(config-if)#exit
    Router#vlan database
    % Warning: It is recommended to configure VLAN from config mode,
      as VLAN database mode is being deprecated. Please consult user
      documentation for configuring VTP/VLAN in config mode.
    Router(vlan)#vlan 10
    VLAN 10 modified:
    Router(vlan)#vlan 20
    VLAN 20 added:
        Name: VLAN0020
    Router(vlan)#exit
    APPLY completed.
    Exiting....
    Router#config t
    Router(config)#int vlan 10
    Router(config-if)#ip address 172.16.xxx.xxx 255.255.255.0
    Router(config-if)#ip nat inside
    Router(config-if)#no shut
    Router(config-if)#exit
    Router(config)#int vlan 20
    Router(config-if)#ip address 192.168.xxx.xxx 255.255.255.0
    Router(config-if)#ip nat inside
    Router(config-if)#no shut
    Router(config-if)#exit
    !HwIC-4ESW interface
    Router(config)#int fa0/0/0
    Router(config-if)#switchport mode access
    Router(config-if)#switchport access vlan 10
    Router(config-if)#exit
    !HWIC-4ESW Interface
    Router(config)#int fa0/0/1
    Router(config-if)#switchport mode access
    Router(config-if)#switchport access vlan 20
    Router(config-if)#exit
    Router(config)#exit
    Router#copy run start
    Destination filename [startup-config]?
    Building configuration...
    [OK]
    Router#config t
    Router(config)#ip name-server xxx.xxx.xxx.xxx
    Router(config)#ip name-server xxx.xxx.xxx.xxx
    Router(config)#exit
    Regards,

  • Presales: HWIC-4ESW= on 2821 to increase Ethernet port?

    Hi there,
    I was not able to receive help from Cisco partner and distributor so I'm hoping that I'll get response from here.
    We have CISCO2821-V3PN/K9 whose two Gigabit ports are already used. I need additional Ethernet port to connect the router to the Internet Leased Line.
    Below "appears to be" the right product but the module is a switch which to my understanding is meant for connecting to the inside LAN rather than to the Internet.
    HWIC-4ESW= Four port 10/100 Ethernet switch interface card
    Grateful if someone could shed some light and give me the right product (part no.) we need to buy.
    Thanks in advance.
    Archie

    Hello Archie,
    a configuration for a VLAN on your 2821 would look like this:
    interface Vlan2
    ip address 192.168.1.1 255.255.255.0
    You can assign that VLAN, 2 in this case, to one of the switchports, just like you would assign it to a ´normal´, or better, external switch:
    interface FastEthernte0/1/0
    switchport access vlan 2
    Here is a link that provides information regarding VLANs in conjunction with the HWIC:
    How to Configure EtherSwitch HWICs
    http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00804554c7.html#wp1027188
    For more general information regarding VLANs, chekc this document:
    Creating and Maintaining VLANs
    http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a00800c9fd8.html
    HTH,
    GP

  • Grant issue with Monitoring Sessions

    I've searched high and low for the answer to this. I get an error when trying to Monitor Sessions (table/view don't exist) and that I need select grants on these objects:
    V$SESSION to beadiadbo, V$PROCESS, V$SESS_IO, V$SESSION_WAIT, V$SESSION_EVENT, V$ACCESS, V$SESSSTAT, V$STATNAME, V$OPEN_CURSOR, V$SQL, V$LOCK, V$SESSION_LONGOPS, SYS.V_$TRANSACTION, SYS.V_$ROLLNAME, V$SQLTEST_WITH_NEWLINES
    I've given SELECT grant to the user, but still get the error. Am I missing any other privileges?
    Much appreciated,
    Adam

    Hi Adam,
    According to the following forum search hit (monitor AND sessions), try GRANT SELECT ANY DICTIONARY:
    Monitor Sessions
    MONITOR SESSIONS on a user with just CONNECT, RESOURCE role grants will fail. Adding SELECT ANY DICTIONARY fixes it.
    Getting any finer grained than that gets hairy, e.g., doing a sql trace on your session to see which dictionary views get referenced.
    Regards,
    Gary Graham
    SQL Developer Team

  • ASR 1002 Monitor Session doesn't works.

    Hello,
    I am trying to configure a monitor session in a Cisco ASR1002 but it doesn't works (sniffer is on interface gigabitEthernet 0/0/3).
    My config is:
    monitor session 10 type local
    source interface GigabitEthernet0/0/0
    destination interface GigabitEthernet0/0/3
    and interfaces are up:
    #show interfaces GigabitEthernet0/0/0
    GigabitEthernet0/0/0 is up, line protocol is up
      5 minute input rate 241240000 bits/sec, 26651 packets/sec
      5 minute output rate 4000 bits/sec, 6 packets/sec
    #sh interfaces gigabitEthernet 0/0/3
    GigabitEthernet0/0/3 is up, line protocol is up (monitoring)
    5 minute input rate 0 bits/sec, 0 packets/sec
    5 minute output rate 0 bits/sec, 0 packets/sec
    Is very urgent for me so any help would be very appreciated.
    Thanks in advance for your help.
    Regards.
    Ruben.

    Hello,
    Please see below.
    http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/lanswitch/configuration/xe-3s/asr1000/lanswitch-xe-3s-asr1000-book/lnsw-conf-erspan.html#GUID-152D9875-169B-461F-A34B-ABAABD0C1FF8
    "The monitor session span-session-number type local command is not supported on Cisco ASR 1000 Series Routers."
             ===You may though configure ERSPAN to work as a local SPAN===
    *  Make sure that both the source session and destination session have the same erspan-id
    *  Use one locally configured IPv4 address to configure the "ip address" and "origin ip address" in source session and "ip address" in destination session
           Example snip: Monitor interface Gig0/0/0 traffic, and then send out through interface Gig0/0/1..
    monitor session 10 type erspan-source
    source interface Gi0/0/0
    destination
    erspan-id 10
    ip address 10.10.10.1
    origin ip address 10.10.10.1
    monitor session 20 type erspan-destination
    destination interface Gi0/0/1
    source
    erspan-id 10
    ip address 10.10.10.1

  • 2950C Unable to ping destination port in monitor session

    I have 2 Pix firewalls and a web filtering server running Surfcontrol. In order for Surfcontrol to filter web usage it has to see the traffic being sent to the firewall's. I have created a monitor session and have used the firewall ports as the source with transmit and receive, and the web filter server as the destination. However when I do this I am not able to ping the web filter server. The web filter is unable to function ie block websites based on the rules that we have setup if the destination port is unable to send packets to internal workstations.
    Is there anything I can do to allow the destination port to be able to send packets to internal workstations ??

    Hi Frined,
    When you configure SPAN destination port , that port will just work as a monitoring port and will not work for general network traffic.
    If you do " sh int" you will see line protocol down (monitoring)
    Now if you want that port to monitor as well as take part into normal network also you have to enable ingress traffic on the destination port
    "monitor session session_number destination interface interface-id [ingress vlan vlan id]"
    Check this link for more details
    http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12119ea1/2950scg/swspan.htm#1218090
    HTH
    Ankur

  • HWIC-4ESW routing

    What are the routing capabilities of the HWIC-4ESW?
    Can i configure a different IP subnet in each port?

    Hi,
    The following link gives full configuration guidelines for the HWIC-4ESW:
    http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00802c6bb6.html
    In answer to your question, yes - you can have a different IP subnet in each port. (And if it's a trunk you can have multiple IP subnets per port)
    HTH
    Andrew.

  • HWIC-4ESW

    folks
    i have a 2821 ISR with a HWIC-4ESW installed and a firewall running ospf on the end of one of the switch ports
    the switchport is assigned to a vlan and the vlan interface has an ip
    my problem
    the switchport is layer 2 and won't see the firewall, i can't even see a mac-address! the line is up as is the protocol so figure its a config problem
    i've tried setting the firewall interface in the same vlan number - no joy
    i need ospf to run between the firewall and the router - has anyone any idea of what i can do
    i think there's a compatibility problem with the HWIC-4ESW and may need another L3 card - can i get one for the 2821?
    thanks to anyone taking the time to reply

    This should have no problem communicating. Can you try to provide the following:
    1. show diag
    2. show run int fa x/x >> the switchport connecting to the firewal.
    3. sho run inter vlan x >> the vlan created for the port connecting to the firewall.
    4. Is the interface vlan up/up? You mentioned the l2 port but was the interface vlan up/up?
    Did you try pinging from 2821 to the firewall's interface ip address, the interface connecting to the L2 port.
    Please rate all posts.

Maybe you are looking for

  • Titles templates a different between MAC and Windows

    Adobe is very incompetent on delivering content.My company is considering moving to the windows version, so we create this Windows server to host only Premiere Pro CS6. Well, the Titles are not there (trial version), so we download the file, unzip it

  • Invoice deletion in SRM system

    Hi All, We are using the extended classic scenario.An invoice has to be deleted from SRM system having staus "awaiting approval". (p.s:the invoice is still in the SRM system and it is not posted in the backend) When we  tried deleting the invoice ,a

  • Exporting as html

    Forgive me for being new and inexperienced with both Fireworks and this forum, but I am having trouble exporting a fireworks png file to dreamweaver. Tghe file is showing up in DW but we are having trouble manipulating it. sssThe FW file itself is ki

  • Outage in NJ?

    I'm guessing that I'm not alone here, but does anyone else frind themselves without service in New Jersey (Morris County specifically)? I figure that with the snow and all of the downed trees and power lines that something must be up, but I want to m

  • Silly Question - Its really annoying

    In the Safari banner bar, like very other user I guess, I have the Google Search bar to the right but every time I put something in there it looks at American sites and brings up US prices etc. How do I get it to search UK sites ?? Can I change it ??