I have a Cisco WS-C2960S-24TS-S switch and would like enable a port mirror for network analyzer (such as Snort). I could not see any options in the GUI interface.
Is it possible, and how do I enable it without a reboot?
Asked
Active
Viewed 1.0k times
1
-
1I've never used a GUI interface to manage my switches, but i think that C2960S is able to do that. From the console (or ssh/telnet) i would try (in conf t mode) : "monitor session 1 source interface fa0/12 both" and "monitor session 1 destination interface fa0/4" – krisFR Dec 11 '13 at 14:08
-
this is the way it works. if you would like to have access to the network on your Snort Box you had to specify an ingress VLAN in the destination interface command "monitor session 1 destination interface fa0/4 ingress vlan X" – user1008764 Dec 11 '13 at 14:14
-
thank you for your replies. there is currently no vlan setup. do I just put vlan 1? – John Dec 11 '13 at 14:23
1 Answers
2
You use the command line to enable port mirroring/SPAN, and a reboot is not required.
The below example (from the linked document) will mirror the traffic on Gigabit Ethernet port 0/1 to Gigabit Ethernet port 0/2.
Switch(config)# no monitor session 1
Switch(config)# monitor session 1 source interface gigabitethernet0/1
Switch(config)# monitor session 1 destination interface gigabitethernet0/2
encapsulation replicate
Switch(config)# end
HopelessN00b
- 53,385
- 32
- 133
- 208