I connected one IPS (4240) inline between 2 Firewalls and 2 DMZ switches as following;
FW1 e1---IPS 0/1, FW2 e1---IPS 0/3,
DMZ1 Switch1 fa0/1---IPS 0/0, DMZ2 Switch2 fa0/1---IPS 0/2.
I made 2 Pairs;
PAIR 1: Gig 0/0,0/1, PAIR 2: Gig 0/2,0/3.
I assigned both Pairs to VS0.
On the Switches i configured the Interfaces Fa0/1 as trunk. But at the Firewall end i havnt' change the existing configuration.
The configuration seems to be correct, but still i can't access dmz services from user. Also from the FW can't ping DMZ and DMZ can't ping FW.
IPS CANNOT PING FW AS WELL AS DMZ SWITCH.
I even unchecked all the actions that may drop the Packets..
The firewall is old Pix 525 (not sure exactly), so does the type of cable b/w FW and IPS matter as well?
Kindly suggest. I need to provide solution soon...