Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

Passing VLAN traffic from FWSM to IPS Sensor 4270

Hey folks,

I've only been able to find one doc on CCO that demonstrates how to move FWSM traffic out to an external IPS appliance and then back into the chassis for forwarding to the rest of the network. It uses "auxiliary" VLANs.

FWSM routing and switching for my inquiry are all occurring through blades in the 6500 chassis with only the IPS being used located outside the box.

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00808b4d9f.shtml

...it has a little section toward the bottom in the trouble-shooting section that mentions their one aux VLAN solution.

Anybody got a better more complete reference for this scenario?

Thanks,

m.

1 REPLY
Bronze

Re: Passing VLAN traffic from FWSM to IPS Sensor 4270

Users can configure the auxiliary VLAN feature on an 802.1x port and vice versa. When the switch recognizes a phone is attached to a port via CDP, it allows phone traffic on the auxiliary VLAN without 802.1x authentication. Then, the PC or Workstation connected (behind the phone) to the 802.1x port of the switch will use the port VLAN ID and authenticate following the dot1x protocol.

382
Views
2
Helpful
1
Replies
CreatePlease to create content