Question of SPAN and VACL

Unanswered Question
May 14th, 2009
User Badges:

According to the following Cisco's document,we set up the span session and VACL for packet capture purpose on the Cat6500.


http://www.cisco.com/en/US/tech/tk389/tk814/technologies_configuration_example09186a00808122ac.shtml#vacl_config


But when I setup the capture port connected my laptop running Wireshark, I got the following issue message"Capture not allowed on a SPAN destination port". Could you please give me a thought? Thanks a lot!



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Thu, 05/14/2009 - 23:13
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Huan,

you have configured both SPAN and capture VACL, but I think they are alternate ways to perform the same task.


if you look at the example in the document you have linked it doesn't use any monitor session commmands see section

"Configuration with VACL"


the commands

switchport capture allowed vlan 40

switchport capture


are enough to make g2/7 destination port for VACL capture feature.


If you want to use VACL capture feature remove SPAN commands.


Hope to help

Giuseppe




HWangLoyalty_2 Fri, 05/15/2009 - 05:24
User Badges:

thanks for your response!

I just moved the span session and kept VACL. It looked like working fine.

Actions

This Discussion