IPS issue

Unanswered Question
May 5th, 2009
User Badges:

Hello, We have two ISPs providing the two separate links. But my IPS is having only one in port and one port. But I want both the ISP links should come to my LAN through IPS. How can I do?

Can I do this. A switch has 2 L3 vlans, one vlan for incoming from ISP and outgoing to another VLAn. will it work?


Please help me out in getting it.


Regards,

Sunil

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
scothrel Wed, 05/06/2009 - 06:15
User Badges:
  • Cisco Employee,

Sunil,

The IPS appliance supports an "on-a-stick" mode (officially known as Inline VLAN Pair Mode). You can have two logical links on a single physical link, where the logical links are separated by Vlan tags. The physical link is set up as an 802.1Q trunk and packets recieved with vlan tag A are inspected and transmitted with vlan tag B and vice versa. The latest online docs for it are here: http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_interfaces.html#wp1047718

Actions

This Discussion