topic IDS: Configuring Blocking on PIX in Network Security https://community.cisco.com/t5/network-security/ids-configuring-blocking-on-pix/m-p/123188#M639539 <P>I'm looking for help in configuring our IDS 2410 v3.1 to use our PIX for IP Blocking.</P><P></P><P>IDS will sit and sniff between the outside interface of the PIX and our ISP's router. The management port of the IDS wil be routed thru a switch on the inside network which uses the PIX inside interface as a gateway.</P><P></P><P>Setup of blocking calls for an IP address of the PIX. Should that be the IP of the outside or inside interface?</P><P></P><P>I see that on the PIX we are not able to define which interface to use for blocking. So, which interface does the blocking? (perhaps the IP we input above?)</P><P></P><P>Thanks for any help.</P><P>Tony</P><P></P><P></P><P> </P> Fri, 21 Feb 2020 06:32:07 GMT tscislaw_2 2020-02-21T06:32:07Z IDS: Configuring Blocking on PIX https://community.cisco.com/t5/network-security/ids-configuring-blocking-on-pix/m-p/123188#M639539 <P>I'm looking for help in configuring our IDS 2410 v3.1 to use our PIX for IP Blocking.</P><P></P><P>IDS will sit and sniff between the outside interface of the PIX and our ISP's router. The management port of the IDS wil be routed thru a switch on the inside network which uses the PIX inside interface as a gateway.</P><P></P><P>Setup of blocking calls for an IP address of the PIX. Should that be the IP of the outside or inside interface?</P><P></P><P>I see that on the PIX we are not able to define which interface to use for blocking. So, which interface does the blocking? (perhaps the IP we input above?)</P><P></P><P>Thanks for any help.</P><P>Tony</P><P></P><P></P><P> </P> Fri, 21 Feb 2020 06:32:07 GMT https://community.cisco.com/t5/network-security/ids-configuring-blocking-on-pix/m-p/123188#M639539 tscislaw_2 2020-02-21T06:32:07Z Re: IDS: Configuring Blocking on PIX https://community.cisco.com/t5/network-security/ids-configuring-blocking-on-pix/m-p/123189#M639540 <HTML><HEAD></HEAD><BODY><P>Correction....I used the wrong term in describing the command/control port as "management port".</P><P></P><P>The command/control port is connected to our inside switch.</P><P></P><P>I'm told by Cisco TAC that I should use the inside if IP address but I'm still confused as to where blocking occurs.</P><P></P><P>Cisco says inside but what about traffic that's routed to our DMZ interface that never reaches the inside interface? How does that get shunned?</P><P></P><P>T.</P></BODY></HTML> Tue, 04 Feb 2003 19:47:40 GMT https://community.cisco.com/t5/network-security/ids-configuring-blocking-on-pix/m-p/123189#M639540 tscislaw_2 2003-02-04T19:47:40Z