ips mode

Unanswered Question
Apr 17th, 2007

hello,

am i right in saying;

1. if ips is in ips mode, then i have to use interface pair?

1. if we have interface pair, does this 2 interfaces has to be in different subnets?

thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
m.sir Tue, 04/17/2007 - 22:40

1. Yes you are right you need two interfaces and IPS acts like bridge

2. IPS doesnt route between subnets and is used like transparent bridge - so you can place it between two computers in same network and its transparent for those PC

pc1 ----IPS ----pc2

BUT you can use also VLAN pairs - packets received on one of the paired VLANs are analyzed and then forwarded to the other VLAN in the pair.

Check this link for more details

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a0080459225.html#wp1033986

M.

cfajardo1_2 Wed, 04/18/2007 - 22:37

so if it is in inline mode and i have a flat network, all conversations should pass thru my IPS.

Do I have to configure anything on my switch on this case. aor whta has to be done to achieve this.

thanks

Actions

This Discussion