Cisco Support Community

New Member

IDS in a 6000

Has anyone experimented with the IDS blade for the 6000 series? I am trying to put IDS in a test environment using one of our test 6000s. My question is, what special IOS (router) configurations do I need to look out for to make this work properly? Also, if anyone has already implemented this in their campus I would like to hear some feedback from them. Thanks,

Cisco Employee

Re: IDS in a 6000

The Catalyst 6000 IDS Module will only work in switches running Cat OS version 6.1.1 or greater. The IDSM is currently not supported in Catalyst 6000 switches running Cat IOS on the Supervisor module.

Two methods can be used to send traffic to port 1 (sniffing port) of the IDSM. Method 1 uses the span feature to send packets to the sniffing port. Method 2 uses the vlan security acl capture feature to capture designated packets and send them to the sniffing port.

If using the MSFC for routing between vlans, and using the vlan security acl capture feature then you need to be aware of how the two function together.

Refer to this section of the configuration note for specifics:

New Member

Re: IDS in a 6000

I am currently running 6.1.1b on the Supervisor (Hybrid) and 12.1.4 on the MSFC. What exactly do you mean by the CAT IOS can not be supported on the Supervisor? If there was no CAT IOS on the Sup then the switch would be worthless. Unless you are talking about Native IOS. Thanks

Cisco Employee

Re: IDS in a 6000

I should have said Native IOS is not supported.

Your Hybrid configuration (Cat OS on the Sup, and IOS on the MSFC) is supported.

New Member

Re: IDS in a 6000

Hi Guys,

I have installed several of these now and experimented with Director 2.2.2 and CSPM 2.3 and 2.3.1i.

We settled on 6.1.4 and 6.1.4 K9 and it seems to work well.

The modules do not block and the OS seems to be embedded NT not Solaris X86.

You can use SPAN ports, VACLs, etc. as usual and you can have more than one module in a switch.

Hope that helps.

I noticed an issue with 6.1.3 and had to reset the whole switch on two different installations but the problem has not recurred as reset module would not work.
