Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Filter Traffic using ISDM-2 Inline Mode and Inline VLAN Pairs

Hi Everyone,

I have a new ISDM-2 Module (Version 6.0(1)E1) and I?m thinking use Inline VLAN Pairs to bridge two vlans, in my case vlan 100 and vlan 101. Vlan 100 is the vlan used by MSFC and Vlan 101 is the vlan used by the outside of my FWSM . In this way, I think I can monitor all the traffic into and from Internet. My question is: can I choose what traffic I will analyze using this configuration ? Maybye with VACL or another way.

Thanks in Advanced

Andre Lomonaco

Cisco Employee

Re: Filter Traffic using ISDM-2 Inline Mode and Inline VLAN Pair

If I understand your question correctly, I do not think you have the ability to selectively inspect the traffic with only a single pair of vlans. The IPS module is going to bridge your vlans together and you would want all traffic to go through that bridge...I don't know what mechanism you'd use to selectively direct traffic through some other bridge/route function.

Within the IPS software you can turn off (disable AND retire) signatures that inspect traffic that you wish to ignore, the IPS will just forward the traffic through, but you don't have a fine level of granularity there.