Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1798
Views
0
Helpful
1
Replies

CISCO IPS Inline mode configuration

sidcracker
Level 4
Level 4

‎12-13-2010 03:42 PM - edited ‎03-10-2019 05:12 AM

Hello Everyone,

I am going to be implementing an HA Cisco IPS appiiance using inline mode.

This is my diagram..

                         SWITCH 1   -----------------  SWITCH 2

                               |                                    |

                               |                                    |

                               |                                    |

                               |                                    |

                          Cisco IPS                    Cisco IPS

                                |                                   |

                                |                                   |

                                |                                   |

                                |                                   |

---------------------------------------------------------------------------------------

|                                                                                      |

|                         CISCO SWITCH                                     |---------------------Another CISCO SWITCH

|                                                                                      |                                        |

---------------------------------------------------------------------------------------                                 SERVER FARMS

                                          |

                              SERVER FARMS

If there are multiple vlans on the switch connecting to the server farms, then the interface connecting the IPS to the CISCO SWITCH, will be like a mirrored port getting packets from all vlans in all interfaces. Otherwise how else will the IPS get packets from all the servers?

Thanks

Sid

Labels:
0 Helpful
1 Reply 1

rhermes
Level 11
Level 11

‎12-14-2010 10:37 AM

The title of your post indicates that you want to place your IPS Sensors in-line.

Mirroring traffic is used with promiscious mode (also called passive or IDS mode).

If your server switch has multiple VLANS that you want to inspect inline, you will need to create VLAN Pairs in the IPS Sensor (one pair for each VLAN you want to inspect). The sensor will translate a VLAN on the server side to a different VLAN on the network side (or whereever Switch 1 and 2 take your traffic). These two VLANS will have different VLAN numbers.

- Bob

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card