IPS interfaces

Unanswered Question
Mar 23rd, 2009

on the IDSM-2 module are the interfaces (gi0/2 gi0/7, 8) on the actual IDS module or are they referring to ports on the switch that it is installed on?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
marcabal Mon, 03/23/2009 - 12:09

The ports Gi0/7 and Gi0/8 are the actual sensor ports that you configure within the sensor configuration.

Correspondingly there are also switch side ports for each of these 2 sensor ports.

If you are using IOS then gi0/7 is internally connected to "intrusion-detection module data-port 1";

and gi0/8 is internally connected to "intrusion-detection module data-port 2"

So when configuring the IDSM-2 you have to configure data-port 1 and 2 within the switch configuration, as well as configure Gi0/7 and Gi0/8 within the IDSM-2 configuration.

rjaaouan Thu, 03/26/2009 - 02:38

To configure the sensing ports on the IDSM-2 for inline operations, complete the following


Step 1 Log in to the switch.

Step 2 Enter privileged mode:

cat6k> enable

Step 3 Set the native VLAN for the IDSM-2 sensing ports, which are ports 7 and 8:

cat6k (enable)> set vlan 651 3/7

cat6k (enable)> set vlan 652 3/8

Note For this example, the IDSM-2 is installed in slot 3.

Step 4 Clear all VLANs from each IDSM-2 sensing port, except for the native VLAN on

each port:

cat6k (enable)>clear trunk 3/7 1-650,652-4094

cat6k (enable)>clear trunk 3/8 1-651,653-4094

Step 5 Enable bridge protocol data unit (BPDU) spanning tree filtering on the IDSM-2

sensing ports to prevent spanning tree loops:

cat6k (enable)> set spantree bpdu-filter 3/7-8 enable

I hope this is useful


[email protected]


This Discussion