How to configure FWSM to work with 3rd party IPS

Jun 29th, 2007

How do I configure FWSM and MSFC so that I can send traffic to a 3rd party IPS?

Examples of FWSM are at http://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_guide_chapter09186a0080697e9e.html

Taking Example 8, how do I configure it so that traffic from VLAN 4 going to VLAN 201 can be passed through a 3rd party IPS? Please do not recommend the Cisco IPS Module, as that is not an option. Thanks for your help.

jwjorgensen Fri, 06/29/2007 - 13:41

Does the traffic HAVE to flow through the IPS? Or, can you just set up a SPAN port on the 6500 to send a copy of all the traffic to the IDS/IPS? I don't know of a way on the FWSM to redirect the traffic to an external device. You could possibly set up PBR once it hits the MSFC and set the next-hop to the IPS. Can you set the IPS to forward L3 traffic? If not, you can connect both interfaces to the MSFC in separate VLANs. Feel free to correct me if you think I am off base. HTH

shahbaiju Fri, 06/29/2007 - 14:50

Traffic has to pass through the IPS. A SPAN port will not do (a SPAN port would be IDS, not IPS). Also, the monitoring/pass-through interface of the IPS does not have an IP address, so it cannot be set up as a next hop.
