Packet capture

Unanswered Question

Hi my network is like this.


ISP-->Router--->ASA(PATTED)----trunk/routed port------------------> Switch(vlans)--->internal users



Valns are not communicating among each other.I am able to capture the packet on particular vlan.Say vlan5 with 192.168.5.1 gateway.A host with ip 192.168.5.10 (acting as capture wireshark server)and gateway as that of 192.168.5.1 is able to capture the traffic.The other vlan say with vlan6 is with ip 192.168.6.1 as g/w n so on.


All traffic from all vlans 5,6 and so on is routing traffic towards ASA with routed/trunk port.

I wanted to capture traffic for whole network using one node in exsiting vlan and capture the traffic.How can I achieve that in existing setup.


Thanks,

Sushil

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
Loading.
Ganesh Hariharan Fri, 01/15/2010 - 03:51
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

Hi Sushil,


You can create a span port and make that port to capture traffic for all the vlan by this command in switch


monitor session 1 source vlan range

monitor session 1 destination interface "desktop ip"


As  you have already stated that wireshark is running in your PC and configure that interface as destination port for traffic spanning.


Hope that helps out your query !!


Regards

Ganesh.H

Actions

This Discussion