Configuring IDSM-2 Promiscuous Mode with MLS IP IDS

jstewart
Level 1

I am having a problem configuring promiscuous mode with an IDSM-2 running 5.0(3)S181.0 in a 6509 with Sup 720 running IOS 12.2(18)SXD4. I am running router interfaces without VLANs, so I have created an extended access list with a 'permit ip any any' and configured this on my interfaces with 'mls ip ids access-list-name'. I configured 'intrusion-detection module x data-port 1 capture' and 'intrusion-detection module x data-port 2 capture', and because of the caution note on page 14-12 of 78-16127-01 I also configured 'intrusion-detection module x data-port 1 capture allowed-vlan 1-4094' and 'intrusion-detection module x data-port 2 capture allowed-vlan 1-4094'. After that I can see the output counters rising in 'show intrusion-detection module x data-port 1 traffic' and 'show intrusion-detection module x data-port 2 traffic'. I can configure the IDSM-2 using the VMS management center, and I added my sensor to security monitor and set the level down to informational, but I don't see any events or even the start-up informational message. Anyone have any idea what I missed?


didyap
Level 6

Here is a document on Configuring the Catalyst Series 6500 Switch for IDSM-2 in Promiscuous Mode.

http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_configuration_guide_chapter09186a0080459221.html#wp1030752
