Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
346
Views
0
Helpful
1
Replies

Change IPS to IDS

fedecotofaja
Level 1
Level 1

‎02-08-2009 08:00 PM - edited ‎03-10-2019 04:29 AM

Hi All,

I have an IPS Sensor 4240 working inline with the default settings... I need to do some tests and I need to change it to behave as an IDS. I know that I should configure the port on the swith as a SPAN port to send all traffic to the IDS (that will no longer be inline)....

My question is... what do I need to do in the IPS Sensor to change it to IDS?

Thank you all!

Labels:
0 Helpful
1 Reply 1

rhermes
Level 7
Level 7

‎02-09-2009 11:32 AM

The 4240 has 4 ports. One (in-line VLAN pairs) or two (in-line interface pairs) of those ports are being used. If you have a free port, put it in promiscious mode (default) and connect it to a new port on the switch that is aggregating your traffic. Configure the new switch interface as a span destination port. then disconnect your in-line interfaces (restoring traffic via another path of course).

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card