

451 Views, 2 Replies. Latest reply: Mar 28, 2012 2:31 AM by Nick


IDSM2 inline with FWSM

Mar 27, 2012 2:50 PM

garris, 2 posts since Nov 4, 2011



I am running into an issue and am in need of help.



I have a 6500 with an IDSM-2 and FWSM module in it. I am using an external Cisco router as my internet router. The FWSM is the gateway for all interfaces in my "DMZ" nets, while my Sup-720 is the router for everything internal.


I configured my IDSM in promiscuous mode and everything worked fine. I was able to look at real-time logging in the IME and manually make changes to protect my network using the firewall. I then used the info from the logging and tweaked a few policies to prevent false positives, and am ready to move the IDSM-2 to "inline" mode.


My understanding is that I:


1) Create an extra vlan

2) Move my external router port (via the switch) to that new vlan

3) Assign a VLAN pair, putting one interface (g0/7) on the new VLAN (let's say 898) and the other (g0/8) on the existing VLAN (let's say 899). Since both VLANs are controlled by the FWSM, I shouldn't have a problem, correct? Or is my thinking wrong?


On the switch:


1) Configure the following on the 6500:


intrusion-detection module 1 data-port 1 access-vlan 898   (new vlan)
intrusion-detection module 1 data-port 2 access-vlan 899   (existing vlan)

(move the switch port of the external router to the new vlan)
interface g9/1
 ...
 switchport access vlan 898


2) On the IDSM-2:

     inline-interfaces MYIDSM2
      interface1 GigabitEthernet0/7
      interface2 GigabitEthernet0/8




Since my FWSM also has a layer 3 interface to the internet (which points to the external router), will I need to move both to the new VLAN?

