IPS Module Sync NTP Server Error
So I was working on an IPS module. I finally got it up and running with a reload and install of an upgrade package. However, the NTP server would not sync even though it was configured correctly!
When adding an IPS module to the IPS Manager Express you may come across the following error. In order to fix this we need to re-associate the time clock and make sure that the local host and the IPS are actually in sync.
What to check:
1. Check NTP Configuration
IPS# sh clock - Check whether the clock is in sync with the actual NTP server / ASA host
14:44:29 GMT-06:00 Tue May 28 2013
IPS# sh statistics host - Check the host configuration to confirm that it is actually synchronized and associated with the correct NTP source
General Statistics
Last Change To Host Config (UTC) = 28-May-2013 18:18:06
Command Control Port Device = Management0/0
Network Statistics
= ma0_0 Link encap:Ethernet
= inet addr:1.1.1.107 Bcast: 1.1.1.255 Mask:255.255.255.0
= UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
= RX packets:26100 errors:0 dropped:0 overruns:0 frame:0
= TX packets:26088 errors:0 dropped:0 overruns:0 carrier:0
= collisions:0 txqueuelen:1000
= RX bytes:8393742 (8.0 MiB) TX bytes:7143148 (6.8 MiB)
NTP Statistics
= remote refid st t when poll reach delay offset jitter
= *1.1.1.10 LOCAL(1) 4 u 87 128 377 1.184 -0.510 0.069
= LOCAL(0) LOCAL(0) 15 l 45 64 377 0.000 0.000 0.008
= ind assID status conf reach auth condition last_event cnt
= 1 58492 b624 yes yes none sys.peer reachable 2
= 2 58493 9024 yes yes none reject reachable 2
status = Synchronized
Below are the steps to take to re-sync the IPS module.
2. Re-configure the NTP Server in the IPS
CMD:
config t
service host
ntp-option disable
ntp-option enable-ntp-unauthenticated
ntp-server X.X.X.X
3. Reload the IPS Module
Reloading the IPS module soft-restarts it, after which it tries to re-confirm the NTP source.
CMD: (from an ASA) hw-module module 1 reload
(check state of IPS from ASA) show module 1 details
4. If all else fails (which it did in this scenario)
Change the timezone of the IPS module. Change it to any other zone that you are NOT in. Then change it back to your current timezone.
CMD:
config t
service host
time-zone-settings
standard-time-zone-name (TIMEZONE)
offset (Offset in Minutes)
*****Changing timezone will require the sensor to reboot.
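To confirm the result after any of the steps above, the NTP Statistics block from `sh statistics host` can be checked by script rather than by eye. This is an added example, not part of the original post; the function name, the 100 ms offset threshold and the sample text (constructed from the output shown in step 1) are assumptions.

```python
import re

# Constructed sample: the NTP Statistics block from step 1 of this page.
SAMPLE = """\
NTP Statistics
   = remote refid st t when poll reach delay offset jitter
   = *1.1.1.10 LOCAL(1) 4 u 87 128 377 1.184 -0.510 0.069
   = LOCAL(0) LOCAL(0) 15 l 45 64 377 0.000 0.000 0.008
   status = Synchronized
"""

# One peer row. The optional leading tally code ('*' = selected system peer)
# is unambiguous only when remotes are IP addresses or LOCAL(n), as here.
PEER = re.compile(
    r"^\s*=\s*(?P<tally>[*+\-#x.o])?(?P<remote>\S+)\s+(?P<refid>\S+)\s+"
    r"(?P<st>\d+)\s+(?P<t>\S)\s+(?P<when>\S+)\s+(?P<poll>\d+)\s+"
    r"(?P<reach>[0-7]+)\s+(?P<delay>-?[\d.]+)\s+(?P<offset>-?[\d.]+)\s+"
    r"(?P<jitter>[\d.]+)\s*$")

def check_ntp(text, server, max_offset_ms=100.0):
    """Return a list of problems; an empty list means synced to `server`."""
    problems = []
    # Header and association rows fail the numeric 'st' field, so only
    # real peer rows end up in this table.
    peers = {m["remote"]: m for m in map(PEER.match, text.splitlines()) if m}
    status = re.search(r"^\s*status\s*=\s*(\S+)", text, re.M)
    if not status or status.group(1) != "Synchronized":
        problems.append("status is not Synchronized")
    p = peers.get(server)
    if p is None:
        return problems + [f"{server} is not in the peer table"]
    if p["tally"] != "*":
        problems.append(f"{server} is not the selected peer")
    # 'reach' is an octal shift register of the last 8 polls; 377 = all answered.
    reach = int(p["reach"], 8)
    if reach != 0o377:
        missed = 8 - bin(reach).count("1")
        problems.append(f"reach {p['reach']}: {missed} of last 8 polls missed")
    # ntpq-style offsets are reported in milliseconds.
    if abs(float(p["offset"])) > max_offset_ms:
        problems.append(f"offset {p['offset']} ms exceeds {max_offset_ms} ms")
    return problems

if __name__ == "__main__":
    print(check_ntp(SAMPLE, "1.1.1.10") or "in sync with 1.1.1.10")
```

Right after a reload or time zone change, `reach` starts low and climbs toward 377 as polls succeed, so rerun the check after a few poll intervals before treating a low value as a failure.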