Spanning a port disables remote access from my desktop

Posted on 2006-04-12
Medium Priority
Last Modified: 2013-12-06
Greetings Experts,

I have an IDS system (Fedora core 4) that is plugged into a switch (on port 3) that is configured to copy traffic on ports 1 and 2.  Before this configuration I was able to ssh to the IDS box and ping it from my desktop.  However, after I set up the configuration for port spanning I am not able to connect.  Can someone give me an idea of what could be the problem?  Your thoughts, ideas or comments most certainly appreciated.

Question by:Ironman88
LVL 15

Accepted Solution

Frabble earned 1000 total points
ID: 16438271
Depends on the switch but the span will usually stop incoming packets on the destination port because bridging loops can occur. While you could probably allow incoming to be able to access the box, best solution is to use two interfaces connected to a switch port each. One is for control and access while the other monitors the mirrored ports.

Expert Comment

ID: 16443871
Frabble is right,

if you SPAN a port, the TX pair on that port is effectivly disabled - thus preventing your IDS from participating on the network
You need to add a second nic to your FC box, and connect that to your network so you can ssh.

took me days to figure that one out :)

Author Comment

ID: 16452719
Thank you that was just what the doctor ordered.  I added the second nic and life is much better.


Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This program is used to assist in finding and resolving common problems with wireless connections.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question