Cisco Support Community

Configuring VACL captures on the IDSM-2 host switch

ip access-list extended ALL_TRAFFIC
  permit ip any any
!
vlan access-map IDS_CAPTURE 10
  match ip address ALL_TRAFFIC
  action forward capture
!
vlan filter IDS_CAPTURE vlan-list 44
!
intrusion-detection module 4 management-port access-vlan 3
intrusion-detection module 4 data-port 1 capture
intrusion-detection module 4 data-port 1 capture allowed-vlan 44,101
intrusion-detection module 4 data-port 1 autostate include

Notes:

If the VLAN filter is applied to VLAN 44, then even though both VLAN 44 and VLAN 101 are allowed on the capture port, the IDSM will see traffic on VLAN 101 only if that traffic traverses VLAN 44.

There is a small note describing this between steps 8 and 9 in the Configuration Guide:

http://www.cisco.com/en/US/docs/security/ips/6.2/configuration/guide/cli/cli_idsm2.html#wp1030828
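
To check a switch configuration for the blind spot described in the note, the following added example (not from the original post or from Cisco) compares each data port's allowed-vlan list against the VLANs that a capture VACL is actually applied to. The function names are hypothetical, and the parser assumes `show running-config` style text in which sub-commands are indented.

```python
import re

# Constructed sample: the capture-related lines of the configuration on this page.
SAMPLE_CONFIG = """\
vlan access-map IDS_CAPTURE 10
 match ip address ALL_TRAFFIC
 action forward capture
!
vlan filter IDS_CAPTURE vlan-list 44
!
intrusion-detection module 4 data-port 1 capture
intrusion-detection module 4 data-port 1 capture allowed-vlan 44,101
"""

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '44,100-102' into a set of ints."""
    vlans = set()
    for part in spec.replace(" ", "").split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def capture_gaps(config):
    """Map (module, data-port) to allowed VLANs that no capture VACL is applied to."""
    capture_maps, filters, allowed = set(), [], {}
    current_map = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw[:1].isspace():  # an unindented line leaves access-map sub-mode
            m = re.match(r"vlan access-map (\S+)", line)
            current_map = m.group(1) if m else None
        elif current_map and line.startswith("action") and "capture" in line.split():
            capture_maps.add(current_map)
        m = re.match(r"vlan filter (\S+) vlan-list (.+)", line)
        if m:
            filters.append((m.group(1), expand_vlans(m.group(2))))
        m = re.match(r"intrusion-detection module (\d+) data-port (\d+) "
                     r"capture allowed-vlan (\S+)", line)
        if m:
            port = (int(m.group(1)), int(m.group(2)))
            allowed.setdefault(port, set()).update(expand_vlans(m.group(3)))
    # Only filters whose access map carries a capture action feed the capture port.
    captured = set()
    for name, vlans in filters:
        if name in capture_maps:
            captured |= vlans
    return {p: sorted(v - captured) for p, v in allowed.items() if v - captured}

if __name__ == "__main__":
    for (module, port), vlans in capture_gaps(SAMPLE_CONFIG).items():
        print(f"module {module} data-port {port}: no capture VACL on VLANs {vlans}")
```

Run against the configuration above, it reports VLAN 101 for module 4 data-port 1, which is the VLAN the note says is seen only when its traffic crosses VLAN 44.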

Version history
Revision #: 1 of 1
Last update: 07-22-2010 08:45 AM