02-13-2009 01:00 AM - edited 03-10-2019 04:30 AM
Hi,
How can I configure port-channel for ECLB.
What are the ports needs to be included in the Etherchannel as there are no ports on the IDSM-2 cards ?
Regards,
Ashish Gupta
02-13-2009 02:18 AM
You will add data ports into port channel.
More details at
http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliIDSM2.html#wp1044800
Syed iftekhar Ahmed
02-13-2009 07:25 AM
Hi Ahmed,
I'm already having this document which decribes how to configure IDSM-2 & refers to port-channel in the configuration but the problem is no where it has been mentioned how to configure this port channel.
Regards,
Ashish Gupta
02-13-2009 07:49 AM
This is documented in the CLI Configuration Guide in the section for configuring the IDSM-2.
Here is a link to the section in the IPS 6.2 guide:
http://www.cisco.com/en/US/docs/security/ips/6.2/configuration/guide/cli/cli_idsm2.html#wp1044800
Let me know if you need more information after reading through this section.
02-16-2009 01:45 AM
Hi,
Thanks for the reply.
I read the IDSM-2 section of the document but didn't able to figure out the switch ports to be included in the Etherchannel as there are no physical ports on the IDSM-2 module.
As per my understanding I have to configure the data ports of all the IDSM-2 modules in the same etherchannel.
Could you send me the steps for configuring EtherChannel for IDSM.
02-16-2009 11:01 AM
There are no "external" physical ports on the IDSM-2.
BUT there are instead "internal" physical ports on the IDSM-2.
These "internal" ports are connected directly to the backplane of the switch.
If using the older Cat OS these ports are
In Cat OS they can then be configured similar to most other ports in the switch.
If using native IOS these ports are not named or configured like regular Gig ports.
They are given the special name "intrusion-detection module
The data-port 1 in the IOS configuration corresponds to GigabitEthernet0/7 seen inside the IDSM-2 configuration, and data-port 2 corresponds to GigabitEthernet0/8.
The instructions show you how to put these IDSM-2 ports into an etherchannel (it uses a special command for the IDSM-2 ports)
intrusion-detection module
You will then have to configure the ether-channel for your specific deployment model (promiscuous, inline interface, or inline vlan pair)
Because it is an etherchannel of IDSM-2 ports, even the etherchannel configuration has special commands:
intrusion-detection port-channel
Then followed by either "access", "trunk", or "capture" depending on the deployment type you are trying to do.
Also if using native IOS, then check what version of native IOS you are using. Not all IOS versions support all of the IDSM-2 etherchannel features.
Generally the 12.2(18)SXF4 and later versions on the 12.2SX train will support all features.
While the 12.2SR train does NOT support all features. The 12.2SR train is still fairly limited as to what IDSM-2 features are supported.
If you still need more help them let me know the following:
Type of Supervisor
Software Version being run
Slot # where the IDSM-2s are installed
The deployment you are trying to implement.
02-16-2009 09:19 PM
Hi Marcoa,
Thanks for the detailed reply. I got the answer of my question.
Thanks,
Ashish Gupta
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide