We've got two PIX'es setup in failover mode, we had an issue a day or so ago when the secondary pix took over the IDS was dead in the water because the SPAN config on our 6500 is not duplicating both ports. Suggestions on getting the SPAN config to pass traffic in a failover mode?
From what I understand, you need to include both the PIX ports (Primary and Secondary) in the SPAN configuration on your 6500 as the SPAN source ports. With that, even after failover, your SPAN will be able to capture the packets from the active PIX.
The ports that the PIXs are connected to both need to be SPAN sources. If you are using a Catalyst then use the 'monitor session <#> source interface..." command is what you need.
I confirm what “vkapoor5” and “brymiller” noted about ports connected to both active and standby ports that must be SPAN source ports on the switch.
Here is a simple configuration example (Cat OS and IOS).
I hope you have already resolve that issue.
Preview file
98 KB
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
