IDSM-2 inline VLAN pair mode

Nov 16th, 2007

My customer has voice, video and data VLANs. The customer wants only inter-VLAN traffic, and ONLY for the data VLAN, to be inspected by IDSM-2 inline, while bypassing the other VLAN traffic to the FWSM and then to the WAN.

Is that possible with inline VLAN pair mode?

I read the Cisco document, which states the following:

"You can configure IDSM-2 to simultaneously bridge up to 255 VLAN pairs on each data port. IDSM-2 replaces the VLAN ID field in the 802.1q header of each packet with the ID of the VLAN on which the packet is forwarded. It drops any packets received on VLANs that are not assigned to an inline VLAN pair."

The last statement says it will drop all other VLAN traffic that is not assigned to any inline VLAN pair?

Regards

Vinod

mchin345 Thu, 11/22/2007 - 08:06

You can bypass the analysis engine when inline bypass is activated, allowing traffic to flow through the inline interfaces and inline VLAN pairs without inspection. Inline bypass ensures that packets continue to flow through the sensor when the sensor processes are temporarily stopped for upgrades or when the sensor monitoring processes fail. But not always.

vinod.rathi Fri, 11/23/2007 - 06:15

Thanks for the reply.

However, if the analysis engine is working and certain VLANs need to bypass IDSM-2 inline inspection, is that possible?

trodecke Mon, 11/26/2007 - 13:25

In that case I just wouldn't configure the VLAN pairing for the VLANs you don't want to have inspected.
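To show what that answer looks like in practice, here is an added configuration example; it is not from the thread or from Cisco documentation. It assumes hypothetical VLAN numbers (data hosts on VLAN 10, data toward the FWSM/MSFC on VLAN 20, voice on 30, video on 40) and the IDSM-2 in slot 5, and the command syntax follows the IPS 6.x sensor CLI and Catalyst 6500 native IOS as I recall them from the IDSM-2 configuration guide (lines starting with `!` are comments), so confirm the exact keywords against the guide for your release.

```text
! Catalyst 6500 (native IOS): trunk only the paired data VLANs to the
! IDSM-2 data port. Voice (30) and video (40) are never sent to the sensor,
! so the "drops any packets received on VLANs not assigned to a pair" rule
! never applies to them; they keep their normal Layer 3 path to the FWSM.
intrusion-detection module 5 data-port 1 trunk allowed-vlan 10,20

! IDSM-2 sensor CLI: bridge VLAN 10 <-> VLAN 20 inline on data port 1
! (GigabitEthernet0/7 on IDSM-2). Only this one pair is defined, so only
! data-VLAN traffic crossing between 10 and 20 is inspected.
sensor# configure terminal
sensor(config)# service interface
sensor(config-int)# physical-interfaces GigabitEthernet0/7
sensor(config-int-phy)# subinterface-type inline-vlan-pair
sensor(config-int-phy-inl)# subinterface 1
sensor(config-int-phy-inl-sub)# vlan1 10
sensor(config-int-phy-inl-sub)# vlan2 20
sensor(config-int-phy-inl-sub)# exit
sensor(config-int-phy-inl)# exit
sensor(config-int-phy)# exit
sensor(config-int)# exit
Apply Changes?[yes]: yes
```

For this to bypass the sensor, the data hosts must sit on VLAN 10 while the FWSM or MSFC interface for the data subnet sits on VLAN 20, so the only way between them is through the pair; the voice and video SVIs stay on their own VLANs and are never bridged through the IDSM-2.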
