Cisco Support Community

New Member

Port monitor not allowing local traffic...

Greetings -

On a 3750 switch, I have a Windows system with Ethereal on it, which I'm remote-controlling via VNC. I configure the 3750 with:

monitor session 1 source int gi1/0/12

monitor session 1 dest int gi1/0/10

Obviously this copies all the traffic from 1/0/12 to 1/0/10 just fine. However, it's preventing the machine that's on 1/0/10 from sending/receiving its OWN traffic on the LAN, i.e. I can't maintain a VNC session to my Ethereal machine after I enable the monitor session. Is this by design, or can I alter the command to allow local traffic to/from the destination, so I can VNC to my Ethereal machine?

10 REPLIES
New Member

Re: Port monitor not allowing local traffic...

When you set a port to be the destination for SPAN traffic, it will only collect information from a source and cannot be used for "normal" network traffic.

So you will need to install a second NIC connected to another port on the switch on the VNC client computer to be able to remote control the monitoring computer.

Here is a good link:

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a00801cdee2.html

New Member

Re: Port monitor not allowing local traffic...

Do you know why I can connect to a SPAN destination port to remote control my portable running sniffer software if I enable ingress forwarding for that monitor session destination port?

This only works with a NIC with enhanced drivers I got from the Sniffer software developers, Network General.

Re: Port monitor not allowing local traffic...

Hi Friend,

By default, in a normal configuration, a SPAN destination port will not let normal LAN traffic be forwarded for that port and is only used for monitoring purposes. But in case you want forwarding of incoming traffic on the destination SPAN port, you need to configure the "ingress" command in the SPAN destination configuration.

Something like this

monitor session 2 destination interface gig1/0/2 encapsulation replicate ingress dot1q vlan 6

Have a look at this link for more details

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3750/12225see/scg/swspan.htm#wp1260596

HTH, if yes please rate the post.

Ankur
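As an added example (not part of the original thread and not Cisco code): a short Python check that reads `monitor session ... destination` lines and reports which SPAN destination ports have the `ingress` option discussed above. The sample configuration is constructed from the commands quoted in this thread; the function names are hypothetical.

```python
import re

# Constructed sample config lines, built from the commands quoted in the thread.
SAMPLE_CONFIG = """\
monitor session 1 source interface Gi1/0/12
monitor session 1 destination interface Gi1/0/10
monitor session 2 source interface Gi1/0/1
monitor session 2 destination interface gig1/0/2 encapsulation replicate ingress dot1q vlan 6
monitor session 3 destination interface fa0/37 ingress vlan 1
"""

# Accepts the abbreviated form used in the first post ("dest int") as well.
DEST_RE = re.compile(
    r"^monitor session (?P<session>\d+) dest(?:ination)? int(?:erface)? "
    r"(?P<port>\S+)(?P<opts>.*)$", re.IGNORECASE)
INGRESS_RE = re.compile(
    r"\bingress(?: (?P<encap>dot1q|untagged))?(?: vlan (?P<vlan>\d+))?",
    re.IGNORECASE)

def span_destinations(config_text):
    """Return one dict per SPAN destination line found in config_text."""
    results = []
    for line in config_text.splitlines():
        m = DEST_RE.match(line.strip())
        if not m:
            continue  # source lines and unrelated config are ignored
        ing = INGRESS_RE.search(m.group("opts"))
        encap = ing.group("encap") if ing else None
        vlan = ing.group("vlan") if ing else None
        results.append({
            "session": int(m.group("session")),
            "port": m.group("port"),
            "ingress": ing is not None,
            "ingress_encap": encap.lower() if encap else None,
            "ingress_vlan": int(vlan) if vlan else None,
        })
    return results

def report(config_text):
    """One line per destination port: can the attached host send traffic?"""
    out = []
    for d in span_destinations(config_text):
        if d["ingress"]:
            state = f"ingress forwarding enabled on VLAN {d['ingress_vlan']}"
        else:
            state = "no ingress option: incoming traffic from the host is not forwarded"
        out.append(f"session {d['session']} {d['port']}: {state}")
    return out

if __name__ == "__main__":
    print("\n".join(report(SAMPLE_CONFIG)))
```

A destination port flagged with ingress forwarding is one where the capture host can also transmit onto the named VLAN, which is worth reviewing when the analyzer is meant to be receive-only.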

New Member

Re: Port monitor not allowing local traffic...

Ankur,

Thanks for the reply. But I have ingress enabled on a 3550 switch and can connect to my sniffer portable via the LAN, but on an identical switch with another laptop with the same SPAN configuration I cannot connect to that portable. Any ideas?

The destination port is thus:

monitor session 1 destination interface fa0/37 ingress vlan 1

Thanks

Re: Port monitor not allowing local traffic...

Hi Friend,

If the ingress command is enabled, you should be able to connect, provided you have a proper route for that sniffer portable connected to the 3550 on vlan1.

Just check if you have a proper route to the machine.

Regards,

Ankur

New Member

Re: Port monitor not allowing local traffic...

I am not sure what is meant by a "proper route" or how to check for it.

Thanks.

Re: Port monitor not allowing local traffic...

Hi Friend,

As you said, you are able to connect to one portable sniffer on a 3550 but not to another which is on another 3550 switch.

Are they both on the same subnet? Are the 2 switches connected directly?

Also, to check if the ingress command is working, do you have any other machine on vlan 1 on the same 3550 on which you have the portable sniffer to which you are not able to connect? If not, can you connect one PC to vlan 1 and try to ping that portable sniffer and see if you get a reply?

Regards,

Ankur

New Member

Re: Port monitor not allowing local traffic...

Hi Ankur,

I appreciate all your help so far with this.

Does the NIC on the portable need any special or enhanced drivers? The second portable that I cannot see on the network does not have the General Network Sniffer software with its enhanced NIC drivers.

It is just using Ethereal and no special NIC drivers.

Thanks

Cisco Employee

Re: Port monitor not allowing local traffic...

Monitor port ingress traffic will be dropped, and so you will not be able to establish network connectivity with the Analyser.

New Member

Re: Port monitor not allowing local traffic...

I can do it with one portable but not the other - what is the difference?
