Firewall Wizards mailing list archives
Re: Forwarding traffic to an active IDS/Firewall
From: Aaron Smith <smitha () byui edu>
Date: Thu, 21 Jul 2005 15:49:13 -0600
On Wed, 2005-07-13 at 18:39 -0300, Vinicius Pavanelli Vianna wrote:
> Hi all,
>
> Does anyone know how I can forward all traffic that came to a Cisco
> Catalyst switch to a gateway to do some IDS/Firewall/Traffic Shape?
>
> In ipfw (FreeBSD) this would be done by an "fwd" rule to forward all
> packets to a forced gateway. Can this be done in a Cisco device, or do
> I need to emulate all the valid IPs on the switch and use a VLAN with
> the servers so the IDS receives the packets and forwards to the internal
> VLAN? This would be a little harmful ;)
>
> TIA,
> Vinicius

It sounds to me like you are wanting to do a port SPAN. A SPAN will
forward all [1] traffic from one port to another for analysis, making it
appear that both switched ports are in the same collision domain.

Cisco's site has documentation for CatOS and IOS on configuring SPANs,
but from memory it goes something like this in IOS:

    (conf t) monitor session 1 source interface blah blah
    (conf t) monitor session 1 destination interface blah blah

In CatOS it's something like "set port span" or "set span", I don't
fully recall.

I hope this is enough to get you started :~)

[1] almost all--some error packets get dropped. Thanks a lot, cisco :~\

_________________________________
@@ron Smith <smitha () byui edu>
Network Operations
Brigham Young University Idaho

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards