L4 Configuration

Answered Question
Apr 3rd, 2012

How do you physically configure a network tap on the Ironport? I'm not sure what they are referring to... I'm hoping they are not talking about a pass through from the inside firewall to the switch.

Correct Answer
kstieers1 Tue, 04/03/2012 - 11:24

In order to make my example clear, I'm going to make the following assumptions:

     You're talking about the Layer 4 Traffic Monitor (aka L4TM)

     Firewall inside interface, the WSA P1 interface and the WSA T1 interface plugged into the same switch, on the same VLAN.

     Firewall inside on gig1/1

     WSA P1 on gig1/5

     WSA T1 on gig1/10

     (Optional WSA T2 on gig1/11)

If you feel that one interface on the WSA will get overloaded, set the L4TM config in Network/Interfaces for simplex. Then connect the WSA T2 port to the switch (say gig1/11), and do an egress span from gig1/1 to gig1/10 and ingress span from gig1/1 to gig1/11.

If it's all connected to a HUB, then use DUPLEX on the WSA L4TM config and just hook up T1...

Or you can use an actual tap, that you put in-line like this:  http://www.netoptics.com/products/network-taps/101001000baset-tap and hook that up to the T1/T2 ports as appropriate.

Hope that helps!

Ken
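
The simplex SPAN layout described in the answer above, written out as switch configuration. This is an added example, not part of the original post; it assumes a Cisco Catalyst switch running IOS, and the session numbers 1 and 2 are arbitrary choices.

```cisco
! Added example (assumption: Cisco Catalyst IOS; session numbers are arbitrary).
! Port roles are taken from the answer:
!   gig1/1  = firewall inside interface (the monitored port)
!   gig1/10 = WSA T1
!   gig1/11 = WSA T2 (only cabled when L4TM is set to simplex)
!
! Simplex: each direction of the firewall port is mirrored to its own tap port.
! Session 1: egress span, frames the switch transmits on gig1/1 -> WSA T1
monitor session 1 source interface GigabitEthernet1/1 tx
monitor session 1 destination interface GigabitEthernet1/10
! Session 2: ingress span, frames the switch receives on gig1/1 -> WSA T2
monitor session 2 source interface GigabitEthernet1/1 rx
monitor session 2 destination interface GigabitEthernet1/11
!
! Duplex alternative (L4TM set to duplex, only T1 cabled): one session
! mirroring both directions to gig1/10. Shown commented out.
! no monitor session 2
! no monitor session 1
! monitor session 1 source interface GigabitEthernet1/1 both
! monitor session 1 destination interface GigabitEthernet1/10
!
! Check the result from exec mode:
!   show monitor session all
```

A SPAN destination port stops forwarding normal traffic, so gig1/10 and gig1/11 must be dedicated to the WSA T1/T2 ports and not shared with P1.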

phretbuzz Tue, 04/03/2012 - 20:11

OK. So it sounds like the network tap is an efficient piece of hardware to deliver packets. Thanks.

Posted April 3, 2012 at 11:00 AM