We have three VLAN's which are carried into a 3560. What we want is to be able to monitor these VLAN's with a single interface on a 4255 that runs as a passive device. I also want this device to be able to send tcp reset's from another interface on the same VLAN's the threats are heard from. Is this possible? Would VLAN grouping and trunking of both ports to the IPS work in this scenario?.
Thanks in advance