IDS: Configuring Blocking on PIX

Unanswered Question
Jan 31st, 2003

I'm looking for help in configuring our IDS 2410 v3.1 to use our PIX for IP Blocking.

IDS will sit and sniff between the outside interface of the PIX and our ISP's router. The management port of the IDS will be routed thru a switch on the inside network which uses the PIX inside interface as a gateway.

Setup of blocking calls for an IP address of the PIX. Should that be the IP of the outside or inside interface?

I see that on the PIX we are not able to define which interface to use for blocking. So, which interface does the blocking? (perhaps the IP we input above?)

Thanks for any help.


tscislaw_2 Tue, 02/04/2003 - 11:47

Correction....I used the wrong term in describing the command/control port as "management port".

The command/control port is connected to our inside switch.

I'm told by Cisco TAC that I should use the inside if IP address but I'm still confused as to where blocking occurs.

Cisco says inside but what about traffic that's routed to our DMZ interface that never reaches the inside interface? How does that get shunned?


