IDSM-2 inline VLAN pair mode

vinod.rathi · ‎11-16-2007

My customer has voice, video and data VLAN's. Customer wants to inspect only inter VLAN traffic ONLY for data to be inspected by IDSM-2 inline while bypassing other VLAN traffic to FWSM and then to WAN.

Is that possible with Inline VLAN pair mode?

I read the cisco document which states as below

"You can configure IDSM-2 to simultaneously bridge up to 255 VLAN pairs on each data port. IDSM-2 replaces the VLAN ID field in the 802.1q header of each packet with the ID of the VLAN on which the packet is forwarded. It drops any packets received on VLANs that are not assigned to an inline VLAN pair."

The last statement says it will drop all other vlan traffic which are not assigned to any inline vlan pair?

Regards

Vinod

mchin345 · ‎11-22-2007

You can bypass analysis engine when inline bypass is activated , allowing traffic to flow through the inline interfaces and inline VLAN pairs without inspection. Inline bypass ensures that packets continue to flow through the sensor when the sensor processes are temporarily stopped for upgrades or when the sensor monitoring processes fail. But not always.

vinod.rathi · ‎11-23-2007

Thanks for reply.

However if analysis engine is working and certain vlans needs to bypass IDSM-2 inline inspection, is that possible?

trodecke · ‎11-26-2007

In that case I just wouldn't configure the VLAN pairing for the vlans you don't want to have inspected.