From: Mark Snow (mark@ipexpert.com)
Date: Sat Mar 31 2007 - 13:27:01 ART
That is correct, Edward.
Mark Snow
Senior Technical Instructor - IPexpert, Inc.
CCIE #14073 (Voice, Security)
URL: http://www.IPexpert.com
Toll Free: +1.866.225.8064
International: +1.810.326.1444
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Edward Norton
Sent: Saturday, March 31, 2007 10:10 AM
To: Farrukh Haroon
Cc: ccielab@groupstudy.com; security@groupstudy.com
Subject: Re: IPS 4215 inline mode
Thanks for the info. A quick question regarding the inline VLAN mode:
assume the following scenario:
mgmt pc -----------vlan1-------sensor ------vlan2 -------Router
The sensor has one physical interface pairing between vlan1 and vlan 2.
My question is: in this case, since the sensor bridges the traffic
between the paired VLANs, will the mgmt pc and the router interface be on the
same subnet although on different VLANs?
thx
Farrukh Haroon <farrukhharoon@gmail.com> wrote:
Hello Edward
1) The 4215 needs at least two sensing interfaces to do regular inline. You
need to couple both in a 'pair' for inline mode to work.
2) No, you don't configure any subnets with the IPS; its sensing interfaces
have no IP addresses assigned at all.
3) You can use a new option, 'Inline Vlan Pair', with which you can form a
trunk interface between the switch and IPS (using one interface only), and
then define up to 255 Vlan pairs per interface, like
Vlan 10 < > Vlan 20
Vlan 1 < > Vlan 2
and then do filtering based on Vlans, see:
http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df7d.html#wp1047718
http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008061beaf.html#wp1033269
HTH
Regards
Farrukh
On 3/31/07, Edward Norton <doubleccie@yahoo.com> wrote:
Folks,
I have a 4215 with just one monitoring interface and I upgraded that box to
release 5.1. Will it be possible to do inline mode for the IPS 4215 with just one
monitoring interface by using sub-interfaces on that monitoring interface?
Another question: assume I have two physical monitoring interfaces to do
the inline. Will each one of those two interfaces be in a separate subnet with
the IPS doing the routing, or does it sit as a transparent device in between?
Appreciate the assistance.
This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:53 ART