IPS issue

Unanswered Question
May 5th, 2009

Hello, We have two ISPs providing the two separate links. But my IPS is having only one in port and one port. But I want both the ISP links should come to my LAN through IPS. How can I do?

Can I do this. A switch has 2 L3 vlans, one vlan for incoming from ISP and outgoing to another VLAn. will it work?

Please help me out in getting it.

Regards,

Sunil

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
scothrel Wed, 05/06/2009 - 06:15

Sunil,

The IPS appliance supports an "on-a-stick" mode (officially known as Inline VLAN Pair Mode). You can have two logical links on a single physical link, where the logical links are separated by Vlan tags. The physical link is set up as an 802.1Q trunk and packets recieved with vlan tag A are inspected and transmitted with vlan tag B and vice versa. The latest online docs for it are here: http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_interfaces.html#wp1047718

Actions

This Discussion