My client has an ISDM-2 blade in their 6504 chassis.  They want to scan the following traffic:

Internet traffic to server network

Student traffic to server network

Internet traffic to student networks

The current configuration uses VACL's to send the traffic to the IPS, but when I look at the IPS with the GUI, it says that port g0/7.0 is a promiscuous interface.  From what I read (this is my first go around with this blade), that when you are using VACL's, the IPS is in promiscous mode.  If that is the case, I would think I need to configure the 6504 to use inline mode.

Here is my situation/question.  The traffic fo the student network is on multiple vlans.  I see that I can configure a range on the following command:

intrustion-detection module 4 data-port 2 access-vlan (vlan-range)

However, the student vlans are not in a continuous range (i.e. 20-30), they are broken up.  So what I am wondering is if I can have multiple of the above command (like below)

intrustion-detection module 4 data-port 2 access-vlan 1-11

intrustion-detection module 4 data-port 2 access-vlan 20-22

intrustion-detection module 4 data-port 2 access-vlan 24

intrustion-detection module 4 data-port 2 access-vlan 28

Let me know if this makes sense and if you have more questions.

TIA.

Dan