how can i use IDSM-2 in inline mode for more than two VLANs?

MIMOMHAZ333 · ‎11-12-2007

can i use the IDSM-2 in inline mode to be ips to more than two VLANS

like this or it isn't

intrusion-detection module 5 data port 1 access-vlan 10,20,30,40,50

intrusion-detection module 5 data port 1 access-vlan 100,200

thank u all for your help

marcabal · ‎11-12-2007

The IDSM-2 ports need to be configured as trunk ports with multiple vlans rather than as access ports.

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00807517eb.html#wp1068377

And instead of creating an inline interface pair by pairing Gig0/7 with Gig0/8 within the IDSM-2 configuration, you would create inline vlan pairs.

With an inline vlan pair you pair 2 vlans on the same interface.

You can have up to 255 inline vlan pairs on each interface (assumining you keep the total traffic from all of the pairs within the IDSM-2s performance limit of around 500Mbps)

How to create inline vlan pairs:

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00807517bb.html#wp1047852

The other aspect you need to be aware of is that not all IOS versions will support configuring the IDSM-2 data ports as trunk ports for inline vlan pairs.

Your best bet is to use 12.2(18)SXF4 or a later version on the 12.2(18)SXF train.

The 12.2(33)SR train does not currently support the trunk feature for the IDSM-2.