10-16-2007 11:22 AM - edited 03-05-2019 07:07 PM
Hi friends,
Just wanted to clarify if this SPAN configuration is possible for sending traffic to IDS.
Server Farm 6500 switch1
-------------------------
monitor session 1 source vlan 1 - 3000
monitor session 1 destination interface Gi8/6 (port which is connected to IDS Swich)
Server Farm 6500 switch2
--------------------------
monitor session 1 source vlan 1 - 3000
monitor session 1 destination interface Gi8/6 (port which is connected to IDS Swich)
IDS Switch
------------
monitor session 1 source interface Gi0/1 - 2 (ports which connects to Gig 8/6 in 6500 Server farm swiches)
monitor session 1 destination interface Gi0/49 (port wich connects to IDS)
Note: Please bear with me for a double posting in both Lan switching and routing and Security-->IPS forums for this issue.
10-16-2007 11:36 AM
Just wanted to add that the SPAN destination ports are access ports and not trunk ports.
Thanks a lot
Gautam
10-16-2007 02:16 PM
have you considered RSPAN (=remote)?
10-16-2007 03:24 PM
Thanks for the speedy reply. I did come to know that RSPAN VLAN could be a solution.
But is there something you think being wrong in the current configuration?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: