How to best use IDSM in promiscuous mode?

Discussion in 'Cisco' started by Hoffa, Sep 20, 2007.

  1. Hoffa

    Hoffa Guest

    Hi folks

    I need some input and ideas how to best set up my IDSM2 module.
    Today I have the module set up to capture traffic from the 6513 using
    SPAN in both directions and two different firewalled VLANs as sources.
    The destination is data-port 1 on the IDSM. This setup is working fine
    but I'm curious as how to best use the second data-port. Our 6513 runs
    IOS 12.2(18)SXF3 and has a limit of only one SPAN session set up to
    capture an entire VLAN in both directions.
    My idea was to use the second data-port as SPAN destination for our
    external/non-firewalled VLAN, but this isn't allowed.
    Does anyone have or had a similar problem? Would using a VLAN access
    list with data-port 2 as destination be an option or are the dual IDSM
    interfaces mainly used for inline mode?

    Regards
    Fredrik Hofgren
     
    Hoffa, Sep 20, 2007
    #1

    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads

  1. NBAR os IDSM-2 to monitor multiple vlans

  2. IDSM-2 blades in redundant environment

  3. Cisco 6500 - how to change from router mode to hybrid (switch mode)

  4. IDSM-2 config

  5. Safe Mode (?) - It is meant to be normal mode but looks like safe mode

  6. Promiscuous Mode

  7. Using promiscuous mode on a catalyst vs. muliple dmzs on a firewall

Loading...