ip access-list extended ALL_TRAFFIC
permit ip any any
!
vlan access-map IDS_CAPTURE 10
match ip address ALL_TRAFFIC
action forward capture
!
vlan filter IDS_CAPTURE vlan-list 44
!
intrusion-detection module 4 management-port access-vlan 3
intrusion-detection module 4 data-port 1 capture
intrusion-detection module 4 data-port 1 capture allowed-vlan 44,101
intrusion-detection module 4 data-port 1 autostate include
Notes:
If the filter is applied to VLAN 44, even though VLAN 101 and 44 are allowed, the IDSM will only see traffic on VLAN 101 if it traverses VLAN 44.
There is a small note describing this between steps 8 and 9 in the Configuration Guide:
http://www.cisco.com/en/US/docs/security/ips/6.2/configuration/guide/cli/cli_idsm2.html#wp1030828