We have an IDS appliance that we want to send server farm traffic to. We tried to set three capture ports, add them to a port channel, with the idea that we would aggregate the traffic onto a 3 Gig link. However, the result was three individual streams of the same traffic. The switch accepted the config, but didn't seem to aggregate the traffic.
Should this work? I know we can configure our VACL to limit the traffic, but since we have the IDS ports, we'd rather see it.
I'm answering this for Tom Landeis, the original poster from Safeco. We have a 6509E running 12.2(18)SXE4 that we want to configure as capture ports. These ports are connected directly to an IDS (Intrusion Detection System). We want traffic from 3 different vlans to go to that IDS device.
Currently each port is configured as a capture port and sending traffic for 1 vlan to the IDS device. Each port is sending traffic for a different vlan. This is inefficient, because 1 of the vlans is much busier than the other 2. So it would make sense to create a port-channel for those 3 ports and send all 3 vlans worth of traffic across the port-channel, rather than individual ports. Can you set the port-channel as switchport capture, and leave the individual ports as access ports? Thanks,
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.