Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
924
Views
0
Helpful
5
Replies

IDSM failover

Antonsibir
Level 1
Level 1

‎08-20-2010 03:40 AM - edited ‎03-10-2019 05:06 AM

Hello,

Is there any failover mechanism for two IDSM installed in different 6500 chassis(chassis are configured as VSS)?

Labels:
0 Helpful
5 Replies 5

avanzaadmin
Level 1
Level 1

‎08-20-2010 05:07 AM

Hi Anton

Depending on how you use the IDSM, inline or promiscuous, I would suggest looking into the Multi Chassi Ethernet option available with VSS. If both IDSM join the port channel and share the traffic that would in effect make then a failover pair.

Regards

Fredrik

0 Helpful

Antonsibir
Level 1
Level 1
In response to avanzaadmin

‎08-20-2010 05:21 AM

Hi Fredrik,

Thank you for reply! It's necessarily to configure inline mode. Could you please explain more exact or give me a link?

0 Helpful

avanzaadmin
Level 1
Level 1
In response to Antonsibir

‎08-20-2010 05:51 AM

http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1044800

Here's the link to the IPS 7.x CLI mnaual regarding setting up and sharing an etherchannel across two IPSmodules. Just top of my head I would use inlineVLAN pair, that way I would save one interface for the future. I would then have my incoming data ports connect to one VLAN (Side A) and the outgoing data on the other VLAN (Side B).

/Fredrik

0 Helpful

Antonsibir
Level 1
Level 1
In response to avanzaadmin

‎08-20-2010 06:02 AM

Thank you for link. But AFAIK there is no ESLB support for IDSM in  different chassis. Link that you sent me is for load balancing in the  same chassis. Do you mean that I need similar EtherChannel  and inline VLAN pair mode configurations on both IDSM and then I  need to connect both IDSM by multichassis ethernet?


0 Helpful

avanzaadmin
Level 1
Level 1
In response to Antonsibir

‎08-20-2010 07:52 AM

That was my general idea, since VSS operationally is the same chassi it might work depending on which data flow you need to monitor.

/Fredrik

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card