• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1156
  • Last Modified:

Cisco Catalyst 5509, 3500XL and Cisco 1720 router

OK to make a long story short here is my situation.  We had an external ISP/IT Support contract with a company that went BK.  I am unable to get in touch with any of their technical support staff (they all left the company).  I am not at all familiar with Cisco equipment but i have quite a bit of experience with NT and general networking.  Here is what i would like to do:

1 - I would like to be able to configure 1 10/100 port on the cisco Catalyst 5509 for network monitering (i.e. i would like it to be able to see all the packets going to and from any single port i designate on the switch).

2 - I would like to be able to configure 1 10/100 port on the cisco Catalyst 3500 XL for network monitering (i.e. i would like it to be able to see all the packets going to and from any single port i designate on the switch).

3 - We currently have 2 Cisco 1720 routers, One is from our old and now bankrupt ISP, and one is for our new ISP.  I would like to be able to download the configuration of the new ISP's 1720 and load it into the old ISP's 1720 for use as a back up.

Unfortunately i do not have passwords for any of the Cisco equipment except for the 1720 router for our new ISP.  I am not even sure if the Catalysts even have a password as i have not even attempted getting into them yet.

Thanks, Kal
1 Solution

I guess in order to do that, u need to do few things:-

To configure 1 port for Network Monitoring for Cat 5509/3500 switch,u need to make sure that ur currrent IOS software supporting a features called port mirroring. This is because in a switched environmnet, u cannot see all the traffic in the box like a hub/shared environment. What this port-mirroring do is to mirror all port in that particular switch to a management port.

I think..if i'm not mistaken , IOS 12.0 shud support that features.

3. Do u have any backup configuration from the old ISP router with u? in hardcopy or softcopy? As far as i know, we can reset the passwd in cisco router, but it will be back to factory default..and all the current config will be lost..probably other people will have a  better idea.

Hopes help
This link will provide you step-by-step password recovery for each model product. Piece of cake..


Akhmal is correct, you need to set one port on both the 5509 and the 3500 as a mirror port (SPAN port), then identify all the other ports that you want to monitor..

Try these for guidance:



For 3500:
port monitor
Use the port monitor interface configuration command to enable Switch Port Analyzer (SPAN) port monitoring on a port. Use the no form of this command to return the port to its default value.

port monitor [interface | vlan vlan-id]

no port monitor [interface | vlan vlan-id]

Syntax Description  interface
 (Optional) Module type, slot, and port number for the SPAN to be enabled. The interface specified is the port to be monitored.
vlan vlan-id
 (Optional) ID of the VLAN to be monitored. Valid IDs are from 1 to 1000; do not enter leading zeroes. A monitor port must be a member of the same VLAN as the port monitored.


Port does not monitor any other ports.

KallikAuthor Commented:
thanks, the password recovery procedures were invaluable
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now