02-08-2010 12:55 AM - edited 03-10-2019 04:52 AM
Hi
I want to build a cluster between two 4270 IPS, but I didn't find any document.
Please forward me the document or URL.
Is a license required for cluster building?
Regards,
Vashdev
02-08-2010 04:38 AM
There is no cluster support inherent in the IPS. You can either use EtherChannel Load Balancing if you have a 6500 switch or use some external technique like spanning tree to achieve your requirement.
Please see the following
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/eclbips5.htm
https://supportforums.cisco.com/message/956730#956730 (Check the attached file in the penultimate post)
Regards
Farrukh
02-08-2010 11:33 PM
Hi Farrukh,
I saw in one document that we can cluster up to 8 4270 IPS:
Cisco IPS 4270 devices to be grouped and function as a cluster. This adds resiliency and allows for higher throughput. As many as eight Cisco IPS 4270 Sensors can be grouped as such.
Regards,
02-08-2010 11:40 PM
Yes, this is true, ECLB can support up to 8 sensors. But you need a 6500 series switch to configure this feature (for IPS).
Regards
Farrukh
02-08-2010 11:43 PM
This is exactly what was mentioned in my earlier post (First link):
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/eclbips5.htm
Regards
Farrukh
02-09-2010 10:40 AM
Hi Farrukh,
The link you gave will be beneficial in an inline mode deployment, but I want to deploy both of the IPS in promiscuous mode and want to monitor a lot of VLANs, which is not possible through SPAN, as SPAN has some limitations regarding the number of VLANs.
The capture feature is also not available under a port channel interface. So I cannot use ECLB.
So I decided to configure the VACL; that's why I am looking for some solution. Both IPS need to work in load balance mode, if one of the IPS fails that traffic needs to be diverted to the second IPS, and there should be no duplicate alarms.
Regards,
Vashdev
02-09-2010 10:49 AM
Hi Farrukh,
Now I plan the following configuration, but it supports neither load balancing nor redundancy:
ip access-list ext IPS-ACCESS-LIST
 permit ip any any
vlan access-map IPS-ACCESS-MAP 10
 match ip address IPS-ACCESS-LIST
 action forward capture
!
vlan filter IPS-ACCESS-MAP vlan-list 10,11,31,32,33,34,35,36,51,52,53,54,61,62,66,65
interface gi1/2/1
 switchport
 switchport capture
 switchport capture allowed vlan 10,11
interface gi1/2/2
 switchport
 switchport capture
 switchport capture allowed vlan 31,32
interface gi1/2/3
 switchport
 switchport capture
 switchport capture allowed vlan 33,34
interface gi1/2/4
 switchport
 switchport capture
 switchport capture allowed vlan 35,36
interface gi2/2/1
 switchport
 switchport capture
 switchport capture allowed vlan 51,52
interface gi2/2/2
 switchport
 switchport capture
 switchport capture allowed vlan 53,54
interface gi2/2/3
 switchport
 switchport capture
 switchport capture allowed vlan 61,62
interface gi2/2/4
 switchport
 switchport capture
 switchport capture allowed vlan 66,65
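
An added example, not part of any post in this thread: a small audit for a VACL capture layout like the one above. It reports VLANs in the `vlan filter` list that no capture port carries (traffic the sensors never see) and VLANs allowed on more than one capture port (the same traffic handed to two sensor interfaces). The function names and the trimmed sample config are constructed for illustration.

```python
import re

# Constructed sample modelled on the posted layout, with two deliberate faults:
# VLAN 32 has no capture port and VLAN 11 is allowed on two capture ports.
SAMPLE_CONFIG = """\
vlan filter IPS-ACCESS-MAP vlan-list 10,11,31,32
interface gi1/2/1
 switchport capture
 switchport capture allowed vlan 10,11
interface gi1/2/2
 switchport capture
 switchport capture allowed vlan 31,11
"""

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '10,11,31-33' into a set of ints."""
    vlans = set()
    for part in spec.replace(" ", "").split(","):
        if part:
            lo, _, hi = part.partition("-")
            vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_capture(config):
    """Compare VACL-filtered VLANs against per-port capture allow lists."""
    filtered, owners, current = set(), {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"vlan filter \S+ vlan-list (.+)$", line):
            filtered |= expand_vlans(m.group(1))
        elif m := re.match(r"interface (\S+)$", line):
            current = m.group(1)
        elif (m := re.match(r"switchport capture allowed vlan (.+)$", line)) and current:
            for vlan in expand_vlans(m.group(1)):
                owners.setdefault(vlan, set()).add(current)
    return {
        # Filtered by the VACL but delivered to no sensor port.
        "uncaptured": sorted(filtered - set(owners)),
        # Delivered to more than one sensor port.
        "duplicated": {v: sorted(p) for v, p in owners.items() if len(p) > 1},
        # Allowed on a capture port but never marked for capture by the VACL.
        "unfiltered": sorted(set(owners) - filtered),
    }

if __name__ == "__main__":
    print(audit_capture(SAMPLE_CONFIG))
```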