IDSM-2 - FWSM

Hello,

I have two questions on the IDSM-2:

1 - How can I inspect the FWSM outside/dmz interfaces inline?

I followed this doc: http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1068377

I understand that I'm bridging the L2 with the L3 VLANs, but on the FWSM how would that work?

I have 2 L2 VLANs:

  • Vlan 20 the outside with my ISP router on the segment.
  • Vlan 60 the DMZ with a couple servers.

My FWSM config:

firewall multiple-vlan-interfaces
firewall module 1 vlan-group 10
firewall vlan-group 10  20,50,60,100
!
!
interface Vlan20
 no ip address
 shutdown
!
interface Vlan60
 no ip address
 shutdown

2 - I also want to inspect my VLAN 300 (L2, with users) and my VLAN 301 (L3, as an SVI):

intrusion-detection module 6 management-port access-vlan 100
intrusion-detection module 6 data-port 1 trunk allowed-vlan 300,301

This is correct, right?

Thank you !


IDSM-2 - FWSM

You have to make an inline VLAN pair for each segment you want to monitor in the IDSM and add each of them to the trunk. For better separation of load, you could divide the VLANs over two different interfaces on the IDSM.

Please search the forum, I have posted sample configs multiple times and let me know if you are not able to find those old posts.

Please rate if helpful.

Regards

Farrukh
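As an added illustration of the reply above (example configuration, not from this thread or from Cisco's documentation): two inline VLAN pairs, one per IDSM-2 data port, built around the questioner's VLAN 20 (outside), VLAN 60 (dmz), slot 6 and management VLAN 100. The far-side VLAN numbers 21 and 61, the port GigabitEthernet1/1 and the sensor hostname are assumptions; lines starting with ! are annotations.

```cisco
! --- Catalyst 6500 (IOS) side; VLANs 21/61 and port numbers are assumed ---
! VLAN 20 stays the FWSM outside, VLAN 60 the FWSM dmz. New L2 VLANs 21 and 61
! carry the far side of each pair (ISP router, DMZ servers). They get no SVI and
! are not in the FWSM vlan-group, so 20<->21 and 60<->61 only meet in the sensor.
vlan 21
vlan 61
!
interface GigabitEthernet1/1
 description ISP router, moved from VLAN 20 to 21
 switchport
 switchport access vlan 21
!
! one pair per data port, as suggested for load separation
intrusion-detection module 6 management-port access-vlan 100
intrusion-detection module 6 data-port 1 trunk allowed-vlan 20,21
intrusion-detection module 6 data-port 2 trunk allowed-vlan 60,61
!
! --- IDSM-2 sensor CLI (data-port 1 = GigabitEthernet0/7, data-port 2 = GigabitEthernet0/8) ---
sensor# configure terminal
sensor(config)# service interface
sensor(config-int)# physical-interfaces GigabitEthernet0/7
sensor(config-int-phy)# admin-state enabled
sensor(config-int-phy)# subinterface-type inline-vlan-pair
sensor(config-int-phy-inl)# subinterface 1
sensor(config-int-phy-inl-sub)# vlan1 20
sensor(config-int-phy-inl-sub)# vlan2 21
sensor(config-int-phy-inl-sub)# exit
sensor(config-int-phy-inl)# exit
sensor(config-int-phy)# exit
sensor(config-int)# physical-interfaces GigabitEthernet0/8
sensor(config-int-phy)# admin-state enabled
sensor(config-int-phy)# subinterface-type inline-vlan-pair
sensor(config-int-phy-inl)# subinterface 1
sensor(config-int-phy-inl-sub)# vlan1 60
sensor(config-int-phy-inl-sub)# vlan2 61
sensor(config-int-phy-inl-sub)# exit
sensor(config-int-phy-inl)# exit
sensor(config-int-phy)# exit
sensor(config-int)# exit
Apply Changes?[yes]: yes
! each pair must be assigned to a virtual sensor, or nothing is inspected
sensor(config)# service analysis-engine
sensor(config-ana)# virtual-sensor vs0
sensor(config-ana-vir)# physical-interface GigabitEthernet0/7 subinterface-number 1
sensor(config-ana-vir)# physical-interface GigabitEthernet0/8 subinterface-number 1
sensor(config-ana-vir)# exit
sensor(config-ana)# exit
Apply Changes?[yes]: yes
```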


IDSM-2 - FWSM

Create an inline VLAN pair.
