09-16-2009 01:17 PM - edited 03-06-2019 07:45 AM
Can just the L3 traffic that flows between VLANs (not within them) be monitored/mirrored in a 3750 switch or similar? How would you set it up?
Thanks.
09-17-2009 12:19 AM
As far as I understand, there is no way to get this done on a 3750. Routed traffic across VLANs could only be monitored using NetFlow, which is not an available option on the 3750.
It could be achieved on 4500s with Supervisors that have the NetFlow daughter card installed, or with a 6500.
For 4500 refer to this:
http://www.ciscotaccc.com/kaidara-advisor/lanswitching/showcase?case=K14682540
For 6500:
Regards,
Deepak Yadav
09-17-2009 09:03 AM
Thanks, Deepak. Any idea if it can be done using VLAN ACL capture?
09-17-2009 12:14 PM
Hello Paul,
This would be a good idea.
Unfortunately, the command reference for 12.2(44)SE shows that the action command supports only the forward or drop option; I don't see a capture option.
see
Hope to help
Giuseppe
09-17-2009 01:00 PM
Thank you, Giuseppe.
I wonder what it means on p.13 of
when it shows 3750 supporting VACLs with "capture and logging" of "denied traffic"?
09-17-2009 10:45 PM
Hi Paul,
VACL capturing is a good option on cat6k platforms; unfortunately, it's not supported on the 3750 and other 3K switches.
For the above link there is a documentation bug filed: CSCta66401
"Cisco Catalyst Switch Guide lists VACL Capture as supported on 3750/3560"
Although it does not have any documented release notes, I can confirm that it is on the same document.
I searched a lot; however, I was not able to find any option for the 3750 platform.