Recently I upgraded the supervisor on my Catalyst6509 to a SUP720-3B. This upgrade switched me from CatOS to IOS which is a welcome change. However I am having trouble configuring my IPS appliance(4250XL Build Version 6.0(5)E3) to use the new Supervisor as a blocking device. For now I really want to use it as an IDS device in promiscous mode. The Vlans I want to inspect do not exist on the 6509 and they are switched to the PIX. The appliance itself is connected to the 6509. I had this configured in CatOS and it seemed to be pretty rock solid. In a nutshell I have setup a monitor session from the source interface and pointed it to the sensing interface on the IDS. The IDS is able to login to the 6509. Basically all I need the IDS appliance to do is write an access list to the switch blocking any device that fires signatures I have setup to block. I had this configured in CatOS but the documentation to do this with IOS seems "sketchy" at best. Can anyone please provide some real life configuration examples that may accomplish this task?