385 Views 2 Replies Latest reply: Mar 28, 2012 2:31 AM by Nick RSS

IDSM2 inline with FWSM

Mar 27, 2012 2:50 PM

garris, 3 posts since Nov 4, 2011

Hello,

I am running into an issue and am in need of help....

I have a 6500 with an IDSM-2 and FWSM module in it. I am using an external Cisco router as my internet router..... The FWSM is the gateway for all interfaces in my "DMZ" nets while my Sup-720 is the router for everything internal.

I configured my IDSM in promiscuous mode and everything worked fine. I was able to look at real-time logging in the IME and manually make changes to protect my network using the firewall. I then used the info from the logging and tweaked a few policies to prevent false positives and am ready to move the IDSM2 to "in-line" mode.

My understanding is that I:

1) Create an extra vlan

2) Move my external router port (via the switch) to that new vlan

3) Assign a vlan pair putting one interface (g0/7) on the new vlan (let's say 898) and the other (g0/8) on the existing vlan (let's say 899). Since both vlans are controlled by the FWSM, I shouldn't have a problem, correct? Or is my thinking wrong?

On the switch:

1) configure the following on the 6500:

intrusion-detection module 1 data-port 1 access-vlan 898    (new vlan)
intrusion-detection module 1 data-port 2 access-vlan 899    (existing vlan)

(move switch port of external router)
int g9/1 ...
 switchport access vlan 898

2) On the IDSM-2:

     inline-interfaces MYIDSM2
      interface1 GigabitEthernet0/7
      interface2 GigabitEthernet0/8

QUESTION:

Since my FWSM also has a layer 3 interface to the internet (which points to the external router), will I need to move both to the new vlan?
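As an added check that is not part of the thread: a small Python script that parses the relevant 6500 lines from the plan above and verifies that the inline VLAN pair is actually formed and that the external router port and the FWSM's VLAN sit on opposite sides of it, since traffic is only inspected by the IDSM-2 when it crosses from one VLAN of the pair to the other. The sample config, the FWSM slot and the vlan-group number are constructed assumptions.

```python
import re

# Constructed sample of the 6500 lines that matter (not a real capture):
# IDSM-2 in slot 1 with data-port 1 on vlan 898, data-port 2 on vlan 899,
# the external router on g9/1 in vlan 898, and vlan 899 handed to the FWSM.
SAMPLE_CONFIG = """
intrusion-detection module 1 data-port 1 access-vlan 898
intrusion-detection module 1 data-port 2 access-vlan 899
firewall vlan-group 10 899
firewall module 2 vlan-group 10
interface GigabitEthernet9/1
 description external router
 switchport access vlan 898
"""

def parse_config(text):
    """Collect IDSM data-port VLANs, access VLAN per switch port, and FWSM VLANs."""
    data_ports, port_vlans, groups, fw_vlans, current = {}, {}, {}, set(), None
    for line in text.splitlines():
        if m := re.match(r"intrusion-detection module \d+ data-port (\d) access-vlan (\d+)", line):
            data_ports[int(m[1])] = int(m[2])
        elif m := re.match(r"firewall vlan-group (\d+) ([\d,]+)", line):  # VLAN ranges not handled
            groups[int(m[1])] = {int(v) for v in m[2].split(",")}
        elif m := re.match(r"firewall module \d+ vlan-group ([\d,]+)", line):
            for g in m[1].split(","):
                fw_vlans |= groups.get(int(g), set())
        elif m := re.match(r"interface (\S+)", line):
            current = m[1]
        elif (m := re.match(r"\s+switchport access vlan (\d+)", line)) and current:
            port_vlans[current] = int(m[1])
    return data_ports, port_vlans, fw_vlans

def check_inline_pair(data_ports, port_vlans, fw_vlans, router_port):
    """Return findings; an empty list means the router<->FWSM path crosses the pair."""
    findings = []
    if sorted(data_ports) != [1, 2]:
        return ["both IDSM data ports need an access-vlan for inline VLAN-pair mode"]
    a, b = data_ports[1], data_ports[2]
    if a == b:
        findings.append("both data ports are on the same VLAN; no pair is formed")
    r = port_vlans.get(router_port)
    if r not in (a, b):
        findings.append(f"{router_port} (vlan {r}) is on neither VLAN of the pair")
    fw_side = {a, b} & fw_vlans
    if not fw_side:
        findings.append("the FWSM has no VLAN on either side of the pair")
    elif r in fw_side:
        findings.append(f"router port and FWSM share vlan {r}; traffic never crosses the IDSM")
    return findings
```

Running `check_inline_pair(*parse_config(SAMPLE_CONFIG), "GigabitEthernet9/1")` on the sample returns an empty list; moving g9/1 into vlan 899 produces the "traffic never crosses the IDSM" finding.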
