Showing results for 
Search instead for 
Did you mean: 

Configuring speed and duplex settings of monitoring NIC under IDS v4.1


Good day,

While I know that, unlike IPS v5.0 where you can configure interface-specific settings via IDM, you cannot adjust interface settings using IDM in v4.1.

I was wondering if it was possible to set these things, however, via the service account?

Can someone share their suggestions, supported or not, on how to do this? Is it just a simple Google for "NIC settings Red Hat Linux 9" or is it more involved?

Thanks in advance to any who reply,

Alex Arndt

1 Accepted Solution

Accepted Solutions

Using the service account you can create a file "/etc/options.conf" with a line that looks like:

E1000_OPTIONS='Duplex=0,0,1,2 Speed=1000,1000,100,0'

After a reboot, this will manually configure Nic1=Auto,1000 Nic2=Auto,1000 Nic3=half,100 Nic4=full,auto

Duplex: 0=auto, 1=half, 2=full

Speed: 0(auto), 10,100,1000

View solution in original post

7 Replies 7


It is possible to temporarily configure interface speed/duplex using the service account in 4.x, but all changes will be overwritten by the default settings after a reboot. Hard coding these values is not recommended or supported on any sensor running 4.x software since a reboot could leave the sensor in an inaccessible state due to a speed/duplex mis-match.


What about a situation where you will be connecting the monitoring port of a v4.1 sensor to a passive TAP that is inline on a link with hard-coded interfaces?

It is my understanding that any device connected to a passive TAP, that is one that has two network ports and two monitoring ports (one for each TX pair), must be configured the same. So, if the two devices at either end of the tapped line are forced to specific speed and duplex settings, so should the NIC cards on the device(s) connected to the monitoring ports of the TAP.

Given this, can you provide the best practice for a v4.1 sensor? Could you also provide specifics on how to force-set the speed and duplex on the monitoring NIC, not the command and control interface, in such a way that it will survive a reboot?

Thanks in advance,

Alex Arndt