Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Sample Config - IDSM-2

I'm looking for a sample config for a IPS IDSM-2. I've been reviewing the configuration manual and love the excruciating detail, but would like to work from a sample config. Maybe just the basics to get started and then I can add stuff in later.

Any samples would be most appreciated.

Thanks,

Mike

4 REPLIES
Gold

Re: Sample Config - IDSM-2

I assume you're looking for the 6500/7600 config since the IDSM sensor configs are identical to the appliance sensors.

There's two ways you can run traffic throught a sensor, promiscious and in-line. Here's a simple promiscious config:

intrusion-detection module 9 management-port access-vlan 101 (puts the ISDM in slot 9 management port on VLAN 101)

intrusion-detection module 9 data-port 1 capture allowed-vlan 1001,1002,1003 (sends the contents of those VLANS to port 1 of the IDSM)

intrusion-detection module 9 data-port 1 capture

New Member

Re: Sample Config - IDSM-2

Thnaks for the info. I guess, with all the commands and detail in the configuration manual that there would be a lot more to it than this.

Mike

Re: Sample Config - IDSM-2

You need to decide the mode you want to run your IPS in? Promiscuous, Inline (VLAN/Interface pair) ?

Here are two examples from CCO:

https://www.cisco.com/en/US/products/sw/secursw/ps2113/products_configuration_example09186a0080876d9f.shtml

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_example09186a00809c37cb.shtml

Regards

Farrukh

New Member

Re: Sample Config - IDSM-2

Farrukh,

Excellent, perfect, just what I needed...Thanks!

Mike

564
Views
0
Helpful
4
Replies