Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IDSM-2 - Promiscuous Mode

I would like my IDSM-2 to run in a Promiscuous Mode ( and not INLINE mode)

How can i configure it so that it works on the - " Block Nothing,Monitor Everything" principle.

I need the blade to "Never" block the upstream devices like routers and Firewalls.

By the way,how will the IDSM running in Promiscuous Mode even "know" of upstream routers and other network devices.

Thanks !!!

1 REPLY
Cisco Employee

Re: IDSM-2 - Promiscuous Mode

Hi,

You can find how to configure IDSM-2 to run promiscuous mode here.

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df92.html#wp1030752

From there, you can find IOS vs. CatOS configuration as well as SPAN vs. VACL.

Once that is done, you can find configuration guide here regarding IPS software. I will list both CLI and IDM in case you prefer one over the other...

CLI -

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df7d.html#wp1033699

IDM -

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00804cf4c2.html#wp1031960

In promiscuous mode, unless you configure blocking with blocking device, it will never block anything by default. Even with blocking, you can configure never-block addresses.

CLI -

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df77.html#wp1031471

IDM -

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00804d1374.html#wp1037905

IDSM will not know about which is what (upstream routers and other network devices) unless you specify them in 'never block' or 'blocking devices'

Thank you.

Edward

266
Views
0
Helpful
1
Replies
CreatePlease to create content