search

McAfee GUARD DOG 2 Przewodnik Instalacji Strona 10

  • Pobierz
  • Dodaj do moich podręczników
  • Drukuj
Przeglądanie stron 9
6
McAfee
®
IntruShield
®
IPS System IntruShield Best Practices
Special Topics: Best Practices Ensuring connectivity between the sensor and other network devices
1
Valid auto-negotiation and speed configurations
The table below summarizes all possible settings of speed and duplex for IntruShield
sensors and switch ports.
Gigabit auto-negotiation (no link to connected device)
Gigabit Ethernet has an auto-negotiation procedure that is more extensive than that
which is used for 10/100 Mbps Ethernet (per Gigabit auto-negotiation specification IEEE
802.3z-1998). The Gigabit auto-negotiation negotiates flow control, duplex mode, and
remote fault information. You must either enable or disable link negotiation on both
ends of the link. Both ends of the link must be set to the same value or the link will not
connect.
If either device does not support Gigabit auto-negotiation, disabling Gigabit
auto-negotiation forces the link up.
Troubleshooting a Duplex Mismatch with Cisco Devices
When troubleshooting connectivity issues with Cisco switches or routers, verify that
the sensor and the switch/routers are using a valid configuration. The
show intfport
<port>
command on the IntruShield sensor CLI will help reveal errors.
Sometimes there are duplex inconsistencies between IntruShield and the switch port.
Symptoms include poor port performance and frame check sequence (FCS) errors that
increment on the switch port. To troubleshoot this issue, manually configure the
switchport to 100 Mbps, half-duplex. If this action resolves the connectivity problems,
you may be running into this issue. Contact Cisco's TAC for assistance.
IntruShield
Configuration
10/100 port
(Speed/Duplex)
Configuration of
Switch
(Speed/Duplex)
Resulting Sensor
Speed/Duplex
Resulting
Catalyst
Speed/Duplex
Comments
100 Mbps
Full-duplex
1000 Mbps
Full-duplex
No Link No Link Neither side establishes
link, due to speed
mismatch
100 Mbps
Full-duplex
AUTO 100 Mbps
Full-duplex
100 Mbps
Full-duplex
Duplex Mismatch 1
100 Mbps
Full-duplex
1000 Mbps
Full-duplex
100 Mbps
Full-duplex
100 Mbps
Full-duplex
Correct Manual
Configuration2
100 Mbps
Half-duplex
AUTO 100 Mbps
Half-duplex
100 Mbps
Half-duplex
Link is established, but
switch does not see any
auto-negotiation
information from
IntruShield and defaults
to half-duplex when
operating at 10/100
Mbps.
10 Mbps
Half-duplex
AUTO 100 Mbps
Half-duplex
100 Mbps
Half-duplex
Link is established, but
switch does not see Fast
Link Pulse (FLP) and
defaults to 10 Mbps
half-duplex.
10 Mbps
Half-duplex
1000 Mbps
Half-duplex
No Link No Link Neither side establishes
link, due to speed
mismatch.
Przeglądanie stron 9
1 2 ... 5 6 7 8 9 10 11 12 13 14 15 ... 24 25

Komentarze do niniejszej Instrukcji

Brak uwag
Powiązane produkty i podręczniki dla Nie McAfee GUARD DOG 2
Nie McAfee M3050 - Network Security Platform Przewodnik Instalacji   (44 strony)
Nie McAfee VIRUSSCAN ENTERPRISE 8.7I PATCH 2 - S 31-08-2009 Instrukcja Użytkownika   (13 strony)
Nie McAfee GOLD - SUPPORT Instrukcja Użytkownika   (38 strony)
Nie McAfee VIRUSSCAN 5.1 Informacje Techniczne   (8 strony)
  • Clear jet Weatherhawk Aga-electric-range No Brand Peltor
  • Fostex Dyktafony Electrolux Grille NHT Dodatkowe wyposażenie muzyczne Falmec Okapy kuchenne Keys Fitness Nie
  • Dell 1209S Projector Samsung GT-E1170I Basement-watchdog Emergency Sony WM-EX615
  • Brother HL-2220 Podręcznik Użytkownika LG V271 Instrukcja Użytkownika Fypon Mouldings Instrukcja Użytkownika Dell PowerEdge T710 Przewodnik Szybki Start Skyrc eFuel 1200W Power Supply Instrukcja Użytkownika