Kingsley,
It is possible to bridge two disparate networks together using inline pair or vlan pair. The problem is not the IPS it would be the two devices on each side. They will have no idea how to communicate with each other as they are on separate networks. So although the IPS could technically do it no traffic is going to flow thru the IPS because routing requires communication from end to end. Regards, Tyson Scott - CCIE #13513 R&S and Security Technical Instructor - IPexpert, Inc. Telephone: +1.810.326.1444 Cell: +1.248.504.7309 Fax: +1.810.454.0130 Mailto: [email protected] Join our free online support and peer group communities: <http://www.IPexpert.com/communities> http://www.IPexpert.com/communities IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On Demand and Audio Certification Training Tools for the Cisco CCIE R&S Lab, CCIE Security Lab, CCIE Service Provider Lab , CCIE Voice Lab and CCIE Storage Lab Certifications. From: [email protected] [mailto:[email protected]] On Behalf Of Kingsley Charles Sent: Saturday, August 29, 2009 7:20 AM To: Stuart Hare Cc: [email protected] Subject: Re: [OSL | CCIE_Security] IPS Sensor inter vlan pair mode with vlans in different subnet Hi Stu In most of the cases, each vlan has it's own subnet. Sensor interface supports 802.1q trunking but doesn't support interface vlan routing. I think, the limitation of not having inter vlan routing prevents bridging with routing of vlans with different subnets. In the case of inline vlan pair mode, how does the sensor decide/know which packet that it needs to bridge between the vlan pairs. With regards Kings On Sat, Aug 29, 2009 at 3:11 PM, Stuart Hare <[email protected]> wrote: Kings This is where u would use inline interface pairs instead of vlan pairs. Set up the switchports as access to ur respective vlans and assign both of the interfaces to a single inline pair. Hth Stu Sent from my iPhone On 29 Aug 2009, at 10:14, Kingsley Charles <[email protected]> wrote: Hi all IPS Sensor supports inter vlan pair mode with interface in the trunking mode. The sensor actually bridges i.e., swaps the vlan id of the incoming frame. Here, should both VLANs should be in same subnet. Can the VLAN be in different subnets? VLAN A - 10.20.30.0/24 VLAN B - 10.30.20.0/24 Can the sensor's interface be configured in inline vlan pair mode between vlan A and B? With regards Kings _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com <http://www.ipexpert.com/>
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
