Cisco Cisco Firepower Management Center 4000 Installationsanleitung
3-9
Cisco NGIPS for Blue Coat X-Series Installation and Configuration Guide
Chapter 3 Installing Cisco NGIPS for Blue Coat X-Series
Preparing for the Installation
where
bridge_circuit_name
is the name of the bridge circuit you are creating, and
vap_group_name
is
the name of the VAP group you want to create and assign to that bridge circuit. For example, to create
and assign a VAP group named
and assign a VAP group named
ABC
to a new template circuit named
bridge_one
, enter the following:
CBS# configure circuit bridge_one
CBS(conf-ct)# vap-group ABC
CBS(conf-cct-vapgroup)# end
CBS#
Repeat this step for all inline sensing circuits associated with the VAP group. Then repeat the step for
each inline sensing circuit on the VAP group. For example, if you want to use two inline sensing circuits
on the VAP group, you can create the following template circuits:
each inline sensing circuit on the VAP group. For example, if you want to use two inline sensing circuits
on the VAP group, you can create the following template circuits:
–
bridge_one_1
–
bridge_one_2
Tip
You
must create all template circuits before creating child circuits to ensure that system resources are
properly distributed.
Creating Child Circuits
For inline deployments, child circuits provide a logical connection, or a bridge, through a VAP group
and between network interfaces. You must configure child circuits using
and between network interfaces. You must configure child circuits using
promiscuous-mode active
.
Later you will connect the child circuits as a
bridge-mode
bridge configured in transparent mode, as
described in
The series of commands, detailed in the following procedure, creates two child circuits (a circuit named
n1e1
on a device named
n1e1
, and a circuit named
n1e3
on a device named
n1e3
) for an inline
deployment of Cisco NGIPS for Blue Coat X-Series on the VAP group named
ABC
:
CBS# configure circuit n1e1
CBS(conf-cct)# link-state-resistant
CBS(conf-cct)# device-name n1e1
CBS(conf-cct)# vap-group ABC
CBS(conf-cct-vapgroup)# promiscuous-mode active
CBS(conf-cct-vapgroup)# end
CBS# configure circuit n1e3
CBS(conf-cct)# link-state-resistant
CBS(conf-cct)# device-name n1e3
CBS(conf-cct)# vap-group ABC
CBS(conf-cct-vapgroup)# promiscuous-mode active
CBS(conf-cct-vapgroup)# end
CBS#
To configure child circuits:
Step 1
Create child circuits for inline interfaces by entering the following commands separately and in
sequence:
sequence:
CBS# configure circuit circuit_name
CBS(conf-cct)# link-state-resistant
CBS(conf-cct)# device-name device_name
CBS(conf-cct)# vap-group vap_group_name
CBS(conf-cct-vapgroup)# promiscuous-mode active
CBS(conf-cct-vapgroup)# end
CBS#
where
circuit_name
is the name you assign to the circuit,
device_name
is the name of the device hosting
the circuit, and
vap_group_name
is the name of the VAP group hosting the device.