Connecting Cisco Intrusion Detection System Router Modules

Table Of Contents

Connecting Cisco Intrusion Detection System Network Modules

CIDS Network Modules

Connecting CIDS Network Modules to the Network

CIDS Network Module LEDs

Online Insertion and Removal with a CIDS Network Module

Related Documents

Cisco IDS Software Documentation

Connecting Cisco Intrusion Detection System Network Modules

This chapter describes how to connect Cisco intrusion detection system (CIDS) network modules for modular access routers and contains the following sections:

• CIDS Network Modules

• CIDS Network Module LEDs

• Online Insertion and Removal with a CIDS Network Module

• Related Documents

Tip To determine whether your router supports a specific network module, see Table 1-6 on page 1-16.

CIDS Network Modules

This section provides information on the CIDS network module (NM-CIDS-K9) (see Figure 22-1)

Caution To comply with the Telcordia GR-1089 NEBS standard for electromagnetic compatibility and safety, connect the CIDS network module (NM-CIDS-K9) only to intrabuilding or nonexposed wiring or cabling. The intrabuilding cable must be shielded and the shield must be grounded at both ends.

Figure 22-1 Faceplate for the NM-CIDS-K9 Network Module

Connecting CIDS Network Modules to the Network

To connect a CIDS network module to the network, use a straight-through two-pair Category 5 unshielded twisted-pair (UTP) cable to connect the RJ-45 port on the CIDS network module to a switch, hub, repeater, server, or other network device. (See Figure 22-2.)

Note RJ-45 cables are not available from Cisco Systems. These cables are widely available and must be Category 5 cables.

Caution To comply with the Telcordia GR-1089 NEBS standard for electromagnetic compatibility and safety, connect the CIDS network module (NM-CIDS-K9) only to intrabuilding or nonexposed wiring or cabling. The intrabuilding cable must be shielded and the shield must be grounded at both ends.

Figure 22-2 Connecting a CIDS Network Module to a Fast Ethernet Hub

CIDS Network Module LEDs

All network modules have an enable (EN) LED. This LED indicates that the module has passed its self-tests and is available to the router.

All CIDS network modules display an additional power (PWR) LED and a CompactFlash (CF) LED on the faceplate, and two additional LEDs for the Fast Ethernet port (see Figure 22-3 and Table 22-1).

Figure 22-3 CIDS Network Module LEDs

Table 22-1 CIDS Network Module LEDs

LED

Meaning

ACT

There is activity on the Fast Ethernet connection.

CF

The CompactFlash module is active.

Note Since CompactFlash is not supported on the NM-CIDS-K9, this LED is not active except during self-test.

DISK

There is activity on the 20-GB disk expansion module hard drive.

EN

The module has passed self-test and is available to the router.

LINK

The Fast Ethernet connection is available to the network module.

PWR

Power is available to the network module.

Online Insertion and Removal with a CIDS Network Module

Some Cisco modular access routers allow you to replace network modules without switching off the router or affecting the operation of other interfaces. This feature is called online insertion and removal (OIR). OIR of network modules provides uninterrupted operation to network users, maintains routing information, and ensures session preservation.

Caution Unlike other network modules, CIDS network modules use hard disks. Online removal of disks without proper shutdown can result in file system corruption and might render the disk unusable. The operating system on the CIDS network module must be shut down in an orderly fashion before the network module is removed.

Caution Cisco routers support OIR with similar modules only. If you remove a network module, install another module exactly like it in its place. If you remove a two-slot network module (along with any installed WAN or voice interface cards), install another module and card combination exactly like it.

For a description of informational and error messages that may appear on the console during this procedure, see the hardware installation guide for your type of router.

To perform online removal of a CIDS network module and insertion of a replacement, follow these steps with the router in privileged EXEC mode:

Step 1 Perform a graceful halt of the CIDS network module by using the following command:

Router# service-module IDS-Sensor slot/0 shutdown
Trying 10.10.10.1, 2129 ... Open

Wait for the following status message (it may take a minute or two):

%SERVICEMODULE-5-SHUTDOWN2:Service module IDS-Sensor1/0 shutdown complete

Step 2 Unplug the network interface cable from the CIDS network module.

Step 3 Loosen the two captive screws holding the CIDS network module in the chassis slot.

Step 4 Slide the CIDS network module out of the slot.

Step 5 Align the replacement CIDS network module with the guides in the chassis slot, and slide it gently into the slot.

Note If the router is not fully configured with network modules, make sure that blank panels fill the unoccupied chassis slots to provide proper airflow.

Step 6 Push the module into place until you feel its edge connector mate securely with the connector on the backplane.

Step 7 Reconnect the network interface cable previously removed in Step 2.

Step 8 Tighten the two captive screws on the faceplate.

Step 9 Reset the CIDS network module using the reset command.

Router# service-module IDS-Sensor slot/0 reset

Use reset only to recover from shutdown or failed state
Warning: May lose date on the hard disc!
Do you want to reset?[confirm]

Step 10 Press Enter to confirm the request. The CIDS network module resets itself.

Step 11 Check that the network module LEDs are on and that the power and enable LEDs on the front panel also are on. This inspection ensures that connections are secure and that the new unit is operational.

Related Documents

For additional information, refer to the following documents.

Tip For information on obtaining documentation, see the "Obtaining Documentation" section on page viii. For information on obtaining technical assistance, see the "Obtaining Technical Assistance" section on page xi.

Cisco IDS Software Documentation

Tip For more information on Cisco IDS software documentation, see the Cisco Intrusion Detection System (IDS) Hardware and Software Documentation Guide.

For a list of caveats, documentation changes, and important last-minute information for Cisco Intrusion Detection System Version 4.1, see the Release Notes for the Cisco Intrusion Detection System Version 4.1.

For a quick overview of the tasks required to install and initially configure Cisco IDS components, see the Quick Start Guide for the Cisco Intrusion Detection System Version 4.1.

For installation instructions for all Cisco IDS version 4.1 hardware components, including appliances, modules, accessories, and upgrades (such as the IDS XL card), and basic configuration tasks using command line interface (CLI), see the Cisco Intrusion Detection System Appliance and Module Installation and Configuration Guide Version 4.1.

For information on installing and using Cisco IDS Device Manager and Cisco IDS Event Viewer, see the Installing and Using the Cisco Intrusion Detection System Device Manager and Event Viewer Version 4.1.

For IDS CLI reference, including syntax and usage guidelines, see the Cisco Intrusion Detection System Command Reference Version 4.1.

LED	Meaning
ACT	There is activity on the Fast Ethernet connection.
CF	The CompactFlash module is active. Note Since CompactFlash is not supported on the NM-CIDS-K9, this LED is not active except during self-test.
DISK	There is activity on the 20-GB disk expansion module hard drive.
EN	The module has passed self-test and is available to the router.
LINK	The Fast Ethernet connection is available to the network module.
PWR	Power is available to the network module.