Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1086
Views
0
Helpful
5
Replies

AIM-IPS-K9 with 2811

cmhcsecurity
Level 1
Level 1

‎12-01-2008 06:48 AM - edited ‎03-10-2019 04:23 AM

Good day,

I am trying to find config. example to enable inline monitoring on the AIM card.

AIM-IPS-K9 with 2811

Also, I would like to bypass all the VoIP traffic from traversing the AIM card. I think this can be accomplished with an access list on the Gig interface of the AIM card.

Having some issues finding info. on AIM cards.

Thanks,

Labels:
0 Helpful
5 Replies 5

mdreelan
Level 1
Level 1

‎12-01-2008 08:35 AM

ids-service-module monitoring inline access-list myacl

I actually use this command on the data sub-interface (and that bypasses voip --although there are voip specific signatures --) . I did have some problems in a few tests I ran trying to use the IPS inline and use and ACL, so please let me know your results.

Complete Interface Example:

interface FastEthernet0/0.90

description DATA

encapsulation dot1Q 90 native

ip address 10.5.90.1 255.255.255.0

ip helper-address 172.17.5.20

ids-service-module monitoring inline

0 Helpful

ROBERTO TACCON
Level 4
Level 4
In response to ROBERTO TACCON

‎12-16-2008 12:57 AM

May I ask you the following:

- what happens to inline traffic when you exceed the declared throughput ? Is traffic dropped or is it forwarded without IPS inspection ?

0 Helpful

marcabal
Cisco Employee
Cisco Employee
In response to ROBERTO TACCON

‎12-16-2008 08:22 AM

Traffic that doesn't get analyzed by the sensor because of exceeding throughput will be dropped.

I see that you are using an AIM-IPS-K9.

If you think you will be near the performance limits of the AIM, then you might consider purchasing an NME instead which has higher performance.

You might also consider analyzing the type of traffic going through your router and see if you want to permit some of the traffic through without being analyzed by the AIM.

You can create an access-list to permit that traffic you do not want analyzed and the router will route it through without sending it to the AIM. Simply create the access-list and add the access-list to the end of the ids-service-module command:

ids-service-module monitoring inline access-list 101

0 Helpful

ROBERTO TACCON
Level 4
Level 4
In response to marcabal

‎12-16-2008 08:42 AM

Thansk in advance for the reply.

I can't find an answer to the following q:

Need to know the performance about the Cisco router 28XX.

In particular I've found on cisco web site for the Cisco router 2821 the following info:

Firewall performance : 208 Mbps

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/C78-345384-04_CiscoIntegratedFirewallSolutions.html

Routing PPS (64 Byte): 170,000 (87.04 Mbps)

http://www.cisco.com/web/partners/tools/quickreference/index.html

Can you help me cause I can't understand why the firewall performance are better than the routing performance ?

Thanks in advance, best regards

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card