I have a 1Gbps AGM and I am configuring the Anomaly Guard Module. For testing purposes, I am trying to bypass/route the traffic through the AGM, but I could not. The configuration is as mentioned below. I have captured the traffic using packet-dump and I could understand that traffic is forwarded to the AGM, but is not leaving the AGM.
Can you please advise what is missing in this configuration to enable all traffic to pass through the AGM?
Configuration:
6509 Config:
firewall multiple-vlan-interfaces
firewall module 2 vlan-group 161
firewall vlan-group 161 2,10,62
anomaly-guard module 8 port 1 allowed-vlan 2
anomaly-guard module 8 port 2 allowed-vlan 61,62
anomaly-guard module 8 port 1 native-vlan 2
!
vlan 2-3,10-12,20,50-51,61-62
!
end
AGM Config:
diversion hijacking receive-via-ip 172.17.61.16
diversion hijacking receive-via-vlan 61
diversion injection 172.18.10.0 255.255.255.0 nexthop 172.17.66.1
interface eth1
ip address 172.18.2.11 255.255.255.0
mtu 1500
no shutdown
exit
interface giga2
mtu 1500
proxy 172.17.61.15
no shutdown
exit
interface giga2.61
ip address 172.17.61.16 255.255.255.0
mtu 1500
no shutdown
exit
interface giga2.62
ip address 172.17.66.15 255.255.255.0
mtu 1500
no shutdown
exit
ip route 192.168.100.0 255.255.255.0 172.17.61.1 giga2.61
ip route 172.18.10.0 255.255.255.0 172.17.66.1 giga2.62
default-gateway 172.17.61.1
zone CUSTOMER GUARD_DEFAULT
ip address 172.18.10.0 255.255.255.0
no bypass-filter *
bypass-filter 10 * * * no-fragments
bypass-filter 11 172.17.61.1 * * no-fragments
bypass-filter 12 192.168.100.1 * * no-fragments
!
end