Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
845
Views
0
Helpful
1
Replies

Inline IPS between core switch & FWSM

ramikamel911
Level 1
Level 1

‎05-22-2011 05:35 AM - edited ‎03-10-2019 05:21 AM

Hi Guys,

I want to connect the IPS appliance inline between the outside interface vlan (which located on the switch) and the Inside interface vlan which located on the firewall module, how can i do that? any solution for that?

Regards,

Rami

Labels:
0 Helpful
1 Reply 1

rhermes
Level 7
Level 7

‎05-23-2011 08:24 AM

If I understand your question correctly, you have an IPS appliance, like a 4200 series appliance that you want to connect to your 6500/7600 switch. This is pretty easy: Create an interface on your switch in each of the two VLANs, cable these to your IPS sensor, configure your sensor for these two as "interface pairs" and you should be good to go.

If you want some traffic reliability on top of this, add two additional interfaces, one in each VALN, cable them together, make sure Spanning Tree Protocol is running on these VLANs and make the STP metric of this interface higher than the default interface of the IPS connection. This will provide a "fail-open" patch for your traffic when the sensor dies, reloads or stops passing layer 2 traffic.

- Bob

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card