Cisco Support Community

IDSM2 and VACLs to capture monitored traffic

Hi all,

I am configuring an IDSM2 module in a Cat6500 switch running CatOS. I configured some VACLs to capture traffic and send it to the data port of the IDSM2, but I started to have connectivity issues with the VLANs I mapped to the VACLs. As far as I know, VACLs with the capture option do not block or affect the traffic flow. Is this correct?

Regards

Accepted Solutions
ovt Bronze

Re: IDSM2 and VACLs to capture monitored traffic

Yes, but the VACL has implicit "deny any" at the end, so you'd use:

set security acl ip acl-name permit ip any any

otherwise all other traffic will be blocked.
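
The behaviour described in the answer above, as an added example that is not part of the original thread: a simplified Python model of first-match VACL evaluation, showing that the capture flag only copies traffic while the implicit deny at the end drops everything no entry matched. This is not CatOS code; the `Ace` class, the addresses and the sample packets are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

ANY = "0.0.0.0/0"  # stands in for the "any" keyword


@dataclass(frozen=True)
class Ace:
    """One VACL entry (simplified model, not a real CatOS structure)."""
    action: str                  # "permit" or "deny"
    proto: str                   # "ip" matches every IP protocol
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    dport: Optional[int] = None  # None matches any destination port
    capture: bool = False        # copy matching permitted traffic to the capture port


def evaluate(vacl, proto, src, dst, dport=None):
    """Return (forwarded, captured) for one packet; the first matching entry wins."""
    for ace in vacl:
        if ace.proto not in ("ip", proto):
            continue
        if ip_address(src) not in ip_network(ace.src):
            continue
        if ip_address(dst) not in ip_network(ace.dst):
            continue
        if ace.dport is not None and ace.dport != dport:
            continue
        forwarded = ace.action == "permit"
        return forwarded, forwarded and ace.capture
    return False, False  # implicit "deny any": no entry matched


# Constructed VACLs: capture web traffic to a server VLAN for the sensor.
CAPTURE_ONLY = [Ace("permit", "tcp", ANY, "10.1.1.0/24", 80, capture=True)]
WITH_FINAL_PERMIT = CAPTURE_ONLY + [Ace("permit", "ip", ANY, ANY)]

# Constructed packets: (protocol, source, destination, destination port).
PACKETS = [
    ("tcp", "192.0.2.10", "10.1.1.5", 80),   # monitored web traffic
    ("tcp", "192.0.2.10", "10.1.1.5", 22),   # unmonitored SSH
    ("udp", "10.1.1.5", "192.0.2.53", 53),   # unmonitored DNS
]


def summarize(vacl):
    """Evaluate every sample packet against the VACL."""
    return [evaluate(vacl, *pkt) for pkt in PACKETS]
```

With `CAPTURE_ONLY`, only the web packet is forwarded and the SSH and DNS packets are dropped, which matches the connectivity loss in the question; with `WITH_FINAL_PERMIT`, all three are forwarded and only the web packet is copied to the sensor.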
