Cisco Ios Software - Cisco 4215 - Intrusion Detection Sys Sensor Configuration Manual

Configuring the Catalyst Series 6500 Switch for IDSM-2 in Inline Mode

Cisco IOS Software

Cisco IOS software 12.2(18)SXE with Supervisor Engine 720 supports only one IDSM-2 inline between
Note
two VLANs.
Configure the IDSM-2 monitoring ports as access ports for inline operation.
Etherchannelling inline IDSM-2 is not yet supported in Cisco IOS.
Note
To configure inline VLANs, follow these steps:
Log in to the console.
Step 1
Enter global configuration mode:
Step 2
router# configure terminal
Create two VLANs, one for each side of the inline IDSM-2:
Step 3
router(config)# vlan vlan_number
router(config)# name vlan_name
router(config)# exit
router# exit
Configure an IOS access port for each interface on each inline VLAN, if you have not done so already:
Step 4
a.
b.
c.
d.
e.
f.
g.
Configure one IDSM-2 data port to be on each of the two VLANs you created in Step 3.
Step 5
router# configure terminal
router(config)# intrusion-detection module slot_number data-port data_port_number
access-vlan vlan_number
router(config)# exit
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
15-18
Enter global configuration mode:
router# configure terminal
Select the IOS interface to be configured:
router(config)# interface interface_name
Enter a description so you know what the interface is for:
router(config-if)# description description
Configure the interface as a layer 2 switchport:
router(config-if)# switchport
Configure the access mode VLAN:
router(config-if)# switchport access vlan vlan_number
Configure the interface/port to be an access port:
router(config-if)# switchport mode access
Exit global configuration mode:
router(config-if)# exit
router# exit
Chapter 15 Configuring IDSM-2
78-16527-01