4250-XL

mlipsey · ‎05-31-2005

I'm a bit new to the IDS/IPS world but we have just received two 4250-XLs and I was going to use the ethernet monitor port but it simply won't let me. Reading the literature online it looks like this port is not useable as a monitoring port in the XL model and that I have to use the fiber ports.

Is this true?

mlipsey · ‎06-01-2005

Seems to be the case.

marcabal · ‎06-01-2005

It depends on the software version.

In the original 4.x software the onboard copper TX monitoring interface could notbe used for monitoring while an XL card was installed.

This is because the XL card had ot have a special driver and that driver could only control the fiber ports of the XL card.

In version 4.x if you wanted to monitor using the copper interface and not the 2 fiber ports of the XL card, then you need to physically remove the XL card. A different driver would then be loaded and you could monitor the copper interface.

In version 5.0 this was changed. The 2 drivers were combined so that both the XL fiber ports and the onboard copper port could be monitored at the same time.

So in 5.0 the onboard copper port is selectable as a promiscuous monitoring interface.

NOTE1: The onboard copper interface does not have the hardware acceleration of the 2 XL fiber ports. So performance when using the copper interface will be much less than the performance when using the fiber ports.

NOTE2: The copper interface should not be combined with a fiber interface as part of an InLine interface pair for doing InLine IPS monitoring with version 5.0.

Only the pairing of the 2 fiber ports for InLine monitoring was tested and is supported by Cisco.