Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1130
Views
0
Helpful
2
Replies

L4 Configuration

Go to solution
phretbuzz
Level 1
Level 1

‎04-03-2012 11:00 AM

How do you physically configure a network tap on the Ironport? I'm not sure what they are referring to... I'm hoping they are not talking about a pass through fromt he inside firewall to the switch.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ken Stieers
VIP
VIP

‎04-03-2012 11:24 AM

In order to make my example clear, I'm going to make the following assumptions:

     You're talking about the Layer 4 Traffice Monitor (aka L4TM)

     Firewall inside interface, the WSA P1 interface and the WSA T1 interface plugged into the same swtich, on the same VLAN. 

     Firewall inside on gig1/1

     WSA P1 on gig1/5

     WSA T1 on gig1/10

     (Optional WSA T2 on gig1/11)

If you feel that one interface on the WSA will get overloaded, set the L4TM config in Network/Interfaces for simplex. Then connect the WSA T2 port to the swtich (say gig1/11), and do an egress span from gig1/1 to gig1/10 and ingress span from gig1/1 to gig1/11.

If its all connected to a HUB, the use DUPLEX on the WSA L4TM config and just hook up T1...

Or you can use an actual tap, that you put in-line like this:  http://www.netoptics.com/products/network-taps/101001000baset-tap and hook that up to the T1/T2 ports as appropriate.

Hope that helps!

Ken

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Ken Stieers
VIP
VIP

‎04-03-2012 11:24 AM

In order to make my example clear, I'm going to make the following assumptions:

     You're talking about the Layer 4 Traffice Monitor (aka L4TM)

     Firewall inside interface, the WSA P1 interface and the WSA T1 interface plugged into the same swtich, on the same VLAN. 

     Firewall inside on gig1/1

     WSA P1 on gig1/5

     WSA T1 on gig1/10

     (Optional WSA T2 on gig1/11)

If you feel that one interface on the WSA will get overloaded, set the L4TM config in Network/Interfaces for simplex. Then connect the WSA T2 port to the swtich (say gig1/11), and do an egress span from gig1/1 to gig1/10 and ingress span from gig1/1 to gig1/11.

If its all connected to a HUB, the use DUPLEX on the WSA L4TM config and just hook up T1...

Or you can use an actual tap, that you put in-line like this:  http://www.netoptics.com/products/network-taps/101001000baset-tap and hook that up to the T1/T2 ports as appropriate.

Hope that helps!

Ken

0 Helpful

Go to solution
phretbuzz
Level 1
Level 1
In response to Ken Stieers

‎04-03-2012 08:11 PM

OK. so it sounds like the network tap is an efficient piece of hardware to deliver packets. Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents