cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
660
Views
0
Helpful
2
Replies

IPS 4255 with 6509/FWSM

revolwireless
Level 1
Level 1

Is it possible to use a 4255 IPS inline on a 6509 with an FWSM?

For example say the FWSM has 20 vlans with servers on them, is it possible to put it inline between the different vlans? Would vlan pairs work for this or vlan groups?

2 Replies 2

you can use both vlan-pairs and vlan-groups in this scenario. In my opinion the vlan-pair setup is more simple then the vlan-group-setup, so I would look into that first.

Here is a link describing the system with more that one sensor to scale the bandwidth:

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_example09186a0080671a8d.shtml

It's about an older version and has missing images, but still shows the concept of  a "sensor on a stick".


Sent from Cisco Technical Support iPad App

I've read that before but for some reason I'm having a hard time understanding vlan pairs on a stick, I reality we have two 6509s with two FWSMs in active standby, I just don't see how I can get vlan traffic going to the IPS.

The 6500s aren't in a VSS either, just a layer 2 etherchannel trunk between them and both having servers on them in our various VLANS

Attached is a topology, I'm just not sure how i can setup the IPS inline to monitor traffic between all vlans

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: