06-29-2007 10:11 AM - edited 03-09-2019 06:17 PM
How do I configure FWSM and MSFC so that I can send traffic to a 3rd party IPS?
Examples of FWSM are at http://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_guide_chapter09186a0080697e9e.html
Taking Example 8, how do I configure it so that traffic from VLAN 4 going to VLAN 201 can be passed through a 3rd-party IPS? Please do not recommend the Cisco IPS Module, as that is not an option. Thanks for your help.
06-29-2007 01:41 PM
Does the traffic HAVE to flow through the IPS? Or, can you just set up a SPAN port on the 6500 to send a copy of all the traffic to the IDS/IPS? I don't know of a way on the FWSM to redirect the traffic to an external device. You could possibly set up PBR once it hits the MSFC and set the next-hop to the IPS. Can you set the IPS to forward L3 traffic? If not, you can connect both interfaces to the MSFC in separate VLANs. Feel free to correct me if you think I am off base. HTH
06-29-2007 02:50 PM
Traffic has to pass through the IPS. A SPAN port will not do (a SPAN port would be IDS, not IPS). Also, the monitoring/pass-through interfaces of the IPS do not have IP addresses, so it cannot be set up as a next hop.
06-29-2007 03:00 PM
Then set up the interfaces on two different VLANs on the 6500.