cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

658
Views
0
Helpful
1
Replies
Colin Higgins
Explorer

Setting up sensor in inline interface pair mode

I have never set up a sensor in inline interface pair mode, and I had a couple of questions about it

It is my understanding that traffic from one vlan would be forwarded to another through the sensor (and then you would set up your ispection policies).

But how then would you set up the SPAN or capture ACLs on the switching side? A monitor session will put a port in a disabled mode (although I think you can use the monitor session x destination <interface> ingress to allow traffic from it).

Or would you use the

switchport capure

command with FSPAN on both interfaces?

Any advice would be great           

1 ACCEPTED SOLUTION

Accepted Solutions
sawgupta
Beginner

Hi,

For inline-pair, configuration should be something like this

Assuming switchport to be 1/1 and 1/2. IPS port Gig0/0 and Gig 0/1

1/1 and Gig0/0 should be in one vlan, lets say 800.

1/2 and Gig0/1 should be other vlan, lets say 810.

switchport config:

1/1

switchport

switchport access vlan 800

switchport mode acess

1/2

switchport

switchport access vlan 810

switchport mode access

All traffic from vlan 800 will be sent to port under vlan 810 and vice-versa after inspection.

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta

View solution in original post

1 REPLY 1
sawgupta
Beginner

Hi,

For inline-pair, configuration should be something like this

Assuming switchport to be 1/1 and 1/2. IPS port Gig0/0 and Gig 0/1

1/1 and Gig0/0 should be in one vlan, lets say 800.

1/2 and Gig0/1 should be other vlan, lets say 810.

switchport config:

1/1

switchport

switchport access vlan 800

switchport mode acess

1/2

switchport

switchport access vlan 810

switchport mode access

All traffic from vlan 800 will be sent to port under vlan 810 and vice-versa after inspection.

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta

View solution in original post

Content for Community-Ad