Cisco port mirror/cisco 2950

From WFilter Documents and Tutorials
(Difference between revisions)
Jump to: navigation, search
 
(7 intermediate revisions by one user not shown)
Line 3: Line 3:
 
Cisco 2950 port mirroring setting
 
Cisco 2950 port mirroring setting
  
== Introduction ==
+
== Defining Port Mirroring ==
<p>This document demonstrators how to deploy WFilter with a cisco 2950 switch. The network topology diagram:</p>[[image:Figure_1.png]]<br>
+
 
<p>You need to setup a mirroring port in the cisco 2950 switch.</p>
 
<p>You need to setup a mirroring port in the cisco 2950 switch.</p>
 
<p>In this example, internet router is connected to "Port 23", WFilter computer is connected to "Port 22". To monitor all internet traffic, we need to mirror "port 23" to "port 22".</p>
 
<p>In this example, internet router is connected to "Port 23", WFilter computer is connected to "Port 22". To monitor all internet traffic, we need to mirror "port 23" to "port 22".</p>
  
  
 +
<p> Mirroring commands: </p>
 +
Set source port
 +
monitor session 1 source interface Fa0/23
 +
Set target port
 +
monitor session 1 destination interface Fa0/22 ingress vlan 1
  
== Mirroring commands ==
 
===Set source port===
 
monitor session 1 source interface Fa0/23
 
===Set target port===
 
monitor session 1 destination interface Fa0/22 ingress vlan 1
 
  
 +
<p>Please notice, the mirroring port of cisco 2950 is recv-only by default. However WFilter shall be able to send packages for blocking purpose. So in this example, we add "ingress vlan 1" parameter to enable outgoing traffic on port 22. If your switch does not support "ingress" parameter, you need to add another NIC as the blocking adapter.</p>
  
 
+
[[Category:Deployment]]
==Notice==
+
[[Category:Cisco]]
<p>Please notice, the mirroring port of cisco 2950 is recv-only by default. However WFilter shall be able to send packages for blocking purpose. So in this example, we add "ingress vlan 1" parameter to enable outgoing traffic on port 22. If your switch does not support "ingress" parameter, you need to add another NIC as the blocking adapter.</p>
+

Latest revision as of 10:45, 30 July 2014


Cisco 2950 port mirroring setting

[edit] Defining Port Mirroring

You need to setup a mirroring port in the cisco 2950 switch.

In this example, internet router is connected to "Port 23", WFilter computer is connected to "Port 22". To monitor all internet traffic, we need to mirror "port 23" to "port 22".


Mirroring commands:

Set source port

monitor session 1 source interface Fa0/23 

Set target port

monitor session 1 destination interface Fa0/22 ingress vlan 1


Please notice, the mirroring port of cisco 2950 is recv-only by default. However WFilter shall be able to send packages for blocking purpose. So in this example, we add "ingress vlan 1" parameter to enable outgoing traffic on port 22. If your switch does not support "ingress" parameter, you need to add another NIC as the blocking adapter.

Personal tools
Namespaces

Variants
Actions
Navigation
Tools