Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPS 4255 with 6509/FWSM

Is it possible to use a 4255 IPS inline on a 6509 with an FWSM?

For example say the FWSM has 20 vlans with servers on them, is it possible to put it inline between the different vlans? Would vlan pairs work for this or vlan groups?

2 REPLIES
VIP Purple

Re: IPS 4255 with 6509/FWSM

you can use both vlan-pairs and vlan-groups in this scenario. In my opinion the vlan-pair setup is more simple then the vlan-group-setup, so I would look into that first.

Here is a link describing the system with more that one sensor to scale the bandwidth:

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_example09186a0080671a8d.shtml

It's about an older version and has missing images, but still shows the concept of  a "sensor on a stick".


Sent from Cisco Technical Support iPad App


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

IPS 4255 with 6509/FWSM

I've read that before but for some reason I'm having a hard time understanding vlan pairs on a stick, I reality we have two 6509s with two FWSMs in active standby, I just don't see how I can get vlan traffic going to the IPS.

The 6500s aren't in a VSS either, just a layer 2 etherchannel trunk between them and both having servers on them in our various VLANS

Attached is a topology, I'm just not sure how i can setup the IPS inline to monitor traffic between all vlans

322
Views
0
Helpful
2
Replies