How to configure FWSM to work with 3rd party IPS

Jun 29th, 2007

How do I configure FWSM and MSFC so that I can send traffic to a 3rd party IPS?


Examples of FWSM are at http://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_guide_chapter09186a0080697e9e.html


Taking Example 8, how do I configure it so that traffic from VLAN 4 going to VLAN 201 can be passed through a 3rd party IPS? Please do not recommend the Cisco IPS Module, as that is not an option. Thanks for your help.

jwjorgensen Fri, 06/29/2007 - 13:41

Does the traffic HAVE to flow through the IPS? Or can you just set up a SPAN port on the 6500 to send a copy of all the traffic to the IDS/IPS? I don't know of a way on the FWSM to redirect the traffic to an external device. You could possibly set up PBR once it hits the MSFC and set the next hop to the IPS. Can you set the IPS to forward L3 traffic? If not, you can connect both interfaces to the MSFC in separate VLANs. Feel free to correct me if you think I am off base. HTH

shahbaiju Fri, 06/29/2007 - 14:50

Traffic has to pass through the IPS. A SPAN port will not do (a SPAN port would be IDS, not IPS). Also, the monitoring/pass-through interfaces of the IPS do not have IP addresses, so they cannot be set up as a next hop.

jwjorgensen Fri, 06/29/2007 - 15:00

Then set up the interfaces on two different VLANs on the 6500.
