Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
544
Views
0
Helpful
3
Replies

IPS 4240 Inline Pair - Physical connectivity

lee.reade
Level 4
Level 4

‎09-02-2005 03:04 PM - edited ‎03-10-2019 01:37 AM

Hi People,

I am installing my first IDS/IPS vers 5.0 next week and I have everything pretty much in check with regard to config.

However there is one aspect that I am not clear on and can find no information on, that is how to you physically cable the two inline ports.

From my understanding, it works in a way that traffic comes in one port and out the other, therefore do you need to cable the in port back to back with the other device sourcing the traffic (in this case firewall) or do you just put the two cables into the same switch/vlan as the other devices??

If anyone can shed some light on this, no matter how simple it is I'd be very gratefull!!

Thanks

LR

Labels:
0 Helpful
3 Replies 3

scothrel
Level 3
Level 3

‎09-02-2005 04:58 PM

Lee,

In its simplest form, think of the IPS (in inline mode) as a wire.

Literally.

All of the cabling restriction of plugging a wire into a switch apply.

There are advanced configurations possible with trunking and vlans and other options...but at its simplest (and a very good place to start), its a wire.

Scott

0 Helpful

lee.reade
Level 4
Level 4
In response to scothrel

‎09-04-2005 07:47 AM

Hi Scott,

Thanks for the reply, however I still am a little confused!

Is the inline connection a logical or physical one? I do not understand how the IPS can stop traffic being sent to a host unless it is physically cabled to be right next to the default gateway.

For example;

LAN--IPS--FIREWALL--GATEWAY

therefore this must mean that you have one interface going into the LAN switch with all your internal systems and the other interface of the inline pair going into the firewall direct.

From what I have found on the web if the IPS is turned off then you lose the connection, therefore it must be a physical connection.

I cannot find any info on cabling the IPS inline pair, can you advise if I am correct above and that for my case one interface goes into LAN switch and one goes back to back with firewall??

Any advice appreciated!

Rgds

LR

0 Helpful

scothrel
Level 3
Level 3
In response to lee.reade

‎09-05-2005 10:06 PM

Lee,

Your scenario is logically correct. The physical implementation can vary depending on if your firewall is a seperate physical device or integrated into your switch, etc.... When I said to think of the IPS as a wire...think patch cable. You can put it inline anywhere you would normally run a patch cable. So it could go between the gateway and firewall if you wanted; between the firewall and switch as you drew; or between the switch and an endpoint such as a server.

Scott

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card