cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
417
Views
0
Helpful
9
Replies

Adding NIC's to an IDS

bfl1
Level 1
Level 1

The 4235 comes with one sensing interface and the capability to add 4 more. How do you add an additional NIC and configure it to be a sensing interface running in promiscuous mode?

thanks

2 Accepted Solutions

Accepted Solutions

lwierenga
Level 1
Level 1

marcabal
Cisco Employee
Cisco Employee

You have to purchase the additional NIC card from Cisco. The software does not support adding just any card. The IDS software has been optimized to work with specific cards where have modified the device drivers.

The part number for the 4 port 10/100 card is IDS-4FE-INT=.

View solution in original post

9 Replies 9

lwierenga
Level 1
Level 1

Look here:

http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_installation_and_configuration_guide_chapter09186a00801a0c95.html#320

Specifically look at:

Installing Optional PCI Cards

Assigning and Enabling the Sensing Interface

Does it matter the type of card? Can I use a 3Com Etherlink XL 10/100 (3C905C-TX) or an Intel pro VM?

Thanks! The document you provided was great.

marcabal
Cisco Employee
Cisco Employee

You have to purchase the additional NIC card from Cisco. The software does not support adding just any card. The IDS software has been optimized to work with specific cards where have modified the device drivers.

The part number for the 4 port 10/100 card is IDS-4FE-INT=.

Can the NIC be added without re-installing the sensor? Can someone summarize this procedure?

Can the 4FE NIC be added without re-installing the sensor? Can someone summarize this procedure?

Yes,

Follow the necessary procedures to power off the sensor, install the card into the PCI slot, and power back on the sensor (see the config guide for the physical procedures if necessary).

Once the sensor boots up you will need to make the following configuration changes.

Note: the 4FE is only supported with version 4.1 of the sensor code and is not supported in version 4.0 or 3.x versions so be sure you have already upgraded your sensor code. These are the 4.1 CLI commands to use:

configure terminal

interface group 0

sensing-interface int0,int2,int3,int4,int5

exit

interface sensing int0

no shutdown

exit

interface sensing int2

no shutdown

exit

interface sensing int3

no shutdown

exit

interface sensing int4

no shutdown

exit

interface sensing int5

no shutdown

exit

exit

This will have added all of the interfaces to group 0 and turned them all on. The sensor will then be able to monitor all of the interfaces using your current signature definitions, filters, etc... without a re-installation of the software or reconfiguration of other portions of the sensor.

I did not see the one section you referred to (Installing Optional PCI Cards). Is there another link?

When you click on the link and the web page comes up... Go to the very top - it is the third hypertext link, entitled "Assigning and Enabling the Sensing Interface". Also, if you look at the left pane of the web page, there is a link called "Click here for Whole-Book PDF". If you download that, then it is the last chapter "Basic Configuration" Then "Initial Configuraiton Tasks" Then "Assigning and Enabling the Sensing Interface"

dblairii
Level 1
Level 1

Can the 4FE NIC be added without re-installing the sensor? Can someone summarize this procedure?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: