[ISSForum] Trouble Spanning ports for IDS
From: Richard Rohrich (rwrohrich yahoo.com)
Date: Tue Feb 10 2004 - 18:03:29 CST
Has anyone experienced problems like this?
We have two Cisco 2950-G switches feeding the gig
ports of two firewalls. (each going to GI0/1 of a
switch) GI0/2 of each switch go to our two core
switches (6500's) (These links are non-trunking)
A Trunked link on port FA0/24 of each switch supports
our failover.
We need to IDS monitor the traffic on both switches.
Either one could be used for internet traffic, and we
do realize the risk of over subscription.
We tried using a third 2950, trunked to port FA0/23 of
each of the two 2950-G's and used RSPAN to put all the
traffic into VLAN 999, then using a destination port on
the third switch to push all the VLAN999 traffic to a
HUB that holds our IDS probe and SurfControl box.
It appears to give us traffic in this configuration,
but even when the destination port is set for "ingress
vlan 1" to accept input from the IDS/SurfControl (TCP
Resets) it does not work.
Anyone have any ideas?