Configuring Span; Catalyst Software - Cisco 4215 - Intrusion Detection Sys Sensor Configuration Manual

Configuring the Catalyst Series 6500 Switch for IDSM-2 in Promiscuous Mode
If you have reset problems with the IDSM-2, try the following:
•
•

Configuring SPAN

IDSM-2 can analyze Ethernet VLAN traffic from Ethernet or Fast Ethernet SPAN source ports, or you
can specify an Ethernet VLAN as the SPAN source. This section describes how to configure SPAN, and
contains the following topics:
•
•

Catalyst Software

Use the set span command in privileged mode to enable SPAN to IDSM-2.
IDSM-2 port numbers are 7 or 8 only.
Note
The following options apply:
•
•
•
•
•
•
•
•
•
•
•
•
To enable SPAN on IDSM-2, follow these steps:
Log in to the console.
Step 1
Enter privileged mode:
Step 2
cat6k> enable
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
15-8
If the sensing ports are access ports (a single VLAN), you need to configure the reset port to be in
the same VLAN.
If the sensing ports are dot1q trunk ports (multi-VLAN), the sensing ports and reset port all must
have the same native VLAN, and the reset port must trunk all the VLANs being trunked by both the
sensing ports.
Catalyst Software, page 15-8
Cisco IOS Software, page 15-10
disable—Disables port monitoring.
module/port—Source module and port numbers.
vlan—Source VLAN numbers.
module/port—Destination module and port numbers.
both—Both receiving and transmitting traffic.
filter—Applies filter to VLAN.
inpkts—Enables/disables destination port incoming packets.
learning—Enables/disables MAC address learning.
multicast—Enables/disables multicast traffic.
rx—Receiving traffic.
session— Session number for SPAN session.
tx —Transmitting traffic.
Chapter 15 Configuring IDSM-2
78-16527-01