Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

Span Port (For Whole Vlan)

Hi All,

I have a similar setup to the attached. I want to make sure that I mirror all traffic going through vlan 1. The Server is my device that I will be mirroring all traffic to. How do I ensure that traffic from all switches on VLAN 1 is mirrored to the port the server is plugged into? 

On the Core switch I currently have the following -


monitor session 1 source vlan 1
monitor session 1 destination interface Gi4/0/22  (This is where my server is plugged into)

But I don't think I'm actually monitoring traffic from the other switches. Is there something else I need to add / configure on my access switching to ensure I'm spanning all VLAN 1 traffic from all switches to my server?

 

Thanks

 

1 REPLY

Are you monitoring on an

Are you monitoring on an egress switch like the switch that the default gateway is for all of your users? If so, you should be capturing everything. If not, you'll possibly need to move your capture. This type of capture is local to a switch. The only other way that I know if is to create an RSPAN session on every switch that you want to capture from. You create a special remote span vlan. On the edge switch, monitor for vlan 1 as the source, and the destination is that special vlan. Do that for every switch. On your capture switch, monitor the source of the special vlan and then your destination would be your port. You would capture all traffic at that point..

HTH,
John

HTH, John *** Please rate all useful posts ***
56
Views
0
Helpful
1
Replies