IPS 4260 in inline mode

Unanswered Question
Dec 3rd, 2008

Hi Friends,

I want to place the IPS in inline mode between my 6513 core switch and wan router but IPS has only one sesnsing interface.

so how to place it in inline mode?

I have four vlans 110,111,112,113 configured on my 6513 core switch

please help on this

Regards

Ravi

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
rhermes Thu, 12/04/2008 - 09:00

Wow, you dropped all that money on a 4260 and didn't buy the 4 Cu interface card bundle?

You're only option (besides buying a much more expensice 4 port card) is to use VLAN pairs to go in and out of your 4260. One limitation of doing this is the Single GigE interface will have to carry both directions of traffic (to and from the sensor) on the same interface. This will reduce your effective throughput to half of the interface's capicity.

Create a new VLAN in your switch. Take the existing VLAN that was going to the WAN router (I HOPE your IPS is INSIDE your Firewall) and put them both in a trunk and send them to your 4260. Set up a VLAN pair for those two VLANS on the 4260. Put a new interface on your switch in the new VLAN you just created and cable that to your WAN router.

Actions

This Discussion