I am working with the IDSM-2. We have a Cisco 6509 with CSM & FWSM. We are planning IDSM-2 in inline mode, and now I want to monitor the traffic which is coming through the outside interface of the FW context (which is nothing but VLAN A, VLAN B, VLAN C on the MSFC).
Data flow: ISP RTR --- Internal RTR --- FWSM --- IDSM --- MSFC --- CSM ---
IDSM version is 5.1(4)S257.0.
This will support only two VLANs (IN and OUT) in access mode.
My problem is I don't know how to scan the traffic of three VLANs (A, B, C).
Cisco 6509 version: 12.2(18)SXF7.
You need to configure 3 inline VLAN pairs. Suppose you are interested in monitoring VLANs A, B, C and your MSFC is in VLAN D. You need to configure 3 VLAN pairs such as:
VLAN A, D
VLAN B, D
VLAN C, D
You can refer to the link below for configuring inline VLAN pairs
Hope it helps
You can use inline VLAN pair mode to monitor traffic coming in on specific VLANs. For example:
You have VLANs 100, 200 and 300 on the MSFC that you intend to monitor inline.
You need to configure VLANs 101, 201 and 301 (L2 only) and send VLANs 100-101, 200-201, 300-301 to the IDSM-2.
You then need to create VLAN pairs on the IDSM-2 module as below:
1 - VLAN 100-101 - pair 1
2 - VLAN 200-201 - pair 2
3 - VLAN 300-301 - pair 3
Then assign the above three pairs to a virtual sensor and it will monitor this traffic for inline operation.
Inline VLAN pair mode is based on VLANs, so it doesn't really matter whether the VLANs are behind or in front of the FWSM.