I purchase a Cisco Catalyst 500 Express switch. When need to use it with a SPAN port (or Trunk). I have seen in some documentation how to configure the SPAN port on this specific model. (using the CNA, smartports et Diagnostics port) The fact is that i'm not able to sniff the whole VLAN. I can only sniff on 1 port if I use this option. I think it's the only way that switch can sniff. But we buyed this switch for IDS listing on VLAN. Is there a way how we can do it ?
Fa01 to Fa015 are VLAN 2, Fa15 is the stealth card of the IDS, so Fa15 is Diagnostics configured and the Ingress Vlan is the VLAN 2 (butu it ask for a specific port) so the port I specify is the only port i'll be able to see the traffic. But I want to see traffic between the whole VLAN2.
Anyone can help me ? Or should I buy a better switch ?
I don't think you an do that level of detail on the CE500. It will let you select a port and ingress VLAN, but not multiple of either. You'd something like another switch with a NAM to get this leve of detail.
Also, the CE500 supports Local SPAN and does not support Remote SPAN.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...