Cisco Support Community

New Member

Adding additional NIC on IDS 4210 for inline mode operation in 5.1 code

I recently acquired a Cisco IDS 4210 through eBay and the unit was already configured with 512MB and IPS 5.1 code (by the seller). Nonetheless, given the unit only has 2 NICs (one for sensing and one for management access), I can't configure inline mode operation (as it requires a pair).

I notice that there is another PCI slot in the unit and was wondering if I can add another PCI NIC into the unit to configure inline mode operation. I would appreciate if anyone can share their experience if they tried something similar before. Thanks.

2 REPLIES
Cisco Employee

Re: Adding additional NIC on IDS 4210 for inline mode operation

The IDS-4210 will not support an additional NIC.

To do inline monitoring you will have to use InLine Vlan Pairing rather than InLine Interface Pairing.

With InLine Vlan Pairing you connect the single monitoring interface to a switch trunk port, and in the IPS configuration create inline vlan pairs. The sensor does inline monitoring as it passes packets between the 2 vlans.

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df7d.html#wp1047718

However, understand that the IDS-4210 is almost at End of Service (End of Service is Dec 6, 2008). The platform is several years old, and was End of Sale back in 2003.

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/prod_eol_notice09186a008032d508.html

End of Sale announcements for IPS sensors are located here:

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/prod_eol_notices_list.html

The last date for renewing an existing service contract was Dec 6, 2007. And the last date of support on any contract is Dec 6, 2008.

You need a service contract to get a license which is needed for loading signature updates.

So the IDS-4210 will only get signature updates for another year IF you already have a contract.

If you don't have a service contract I am not sure if you can get one anymore, as the last date to order a new contract was back in 2004.

The IDS-4210 is not supported with IPS 6.0(1) and later versions. So you are forced to run the older 5.1 software.

If you got a really good price on it, and are just using it for learning then you should be able to use the 4210 to learn the IPS features. I have heard of several people doing this, especially in preparing for IPS certification.

BUT if you are intending to protect your network with it, then you probably won't be able to run the latest signature updates and won't be able to protect your network from the latest attacks. In this situation I would talk to a Cisco representative and see if there is any trade-in discount to upgrade to an IDS-4215.
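A sketch of the inline VLAN pair setup described in the reply above, added here as an illustration and not taken from the thread or from the linked configuration guide. The interface names and VLAN IDs 10 and 20 are constructed placeholders; check `show interfaces` on the sensor for the real sensing interface name on your unit.

```cisco
! --- Switch side (IOS): trunk port facing the sensor's single sensing interface ---
! FastEthernet0/5 and VLANs 10/20 are placeholders for this example
interface FastEthernet0/5
 description Trunk to IPS sensing interface
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20

! --- Sensor side (IPS 5.1 CLI): pair the two VLANs on the sensing interface ---
! FastEthernet0/0 is an assumed name for the sensing interface
configure terminal
service interface
physical-interfaces FastEthernet0/0
admin-state enabled
subinterface-type inline-vlan-pair
subinterface 1
description Inline pair VLAN 10 <-> VLAN 20
vlan1 10
vlan2 20
exit
exit
exit
exit

! --- Sensor side: hand the pair to the default virtual sensor for analysis ---
service analysis-engine
virtual-sensor vs0
physical-interface FastEthernet0/0 subinterface-number 1
exit
exit
```

Traffic only crosses the sensor when the two sides of the protected path sit in different VLANs of the pair, so the hosts on either side must be placed in VLAN 10 and VLAN 20 respectively on the switch.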

New Member

Re: Adding additional NIC on IDS 4210 for inline mode operation

Thanks for the info. I just bought this unit for my own lab in preparation for the IPS exam. Thanks !
