[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Cisco Monitoring Problem

Posted on 2007-10-03
7
Medium Priority
?
629 Views
Last Modified: 2012-06-21
Hey here what i need to do :)

I have Cisco Catalist 2950 and i have more then 200 PC's i have one SERVER special added in the switch just to Monitor all trafic which is send to my PIX which is added in the switch in.
i use Ethernal for monitoring

when i set monitor on my switch and add the command :
monitor session 1 source interface gigabit0/1
monitor session 1 destination interface fa0/24

My server is getting DAMN CRAZY dosent move and its :

IBM-XSERIES_364
Intel(R) Xnenon(TM) 3.60GHZ
with 3Giga RAM

i really dont understande why my Server crashes
0
Comment
Question by:munemgumen
  • 3
  • 2
6 Comments
 
LVL 2

Expert Comment

by:atyar
ID: 20008865
What is connected to your gigabit 0/1 interface - if it's an uplink to another switch, that's not the interface you'd want to select.  I've done this before, using wireshark (ethereal's current iteration), by mirroring the switchport that the pix is connected to to the switchport the wireshark monitoring server is connected to.  Also, configure ethereal/wireshark to monitor traffic with the destination ip of your pix, so you aren't picking up all the broadcast crap traffic.
0
 

Author Comment

by:munemgumen
ID: 20012734
So i have just one switch and all goes inside in.

So my pix is on my 11-port and my BACKUPserver is on 16

i fxided up the swhitch with the connamd up and all just ins getting on my Server i dont have even time to set up anything the damn server just BLOCKS.

what do you think ?

regards, Igor
0
 
LVL 2

Expert Comment

by:atyar
ID: 20012941
I don't quite understand what you're saying in your last post.
It sounds like you're saying this 'backupserver' is on a different switch (16-port) than the pix (11-port), but you start by saying 'So I have just one switch....'.  Is it 1 switch with vlans - is that what you mean?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:munemgumen
ID: 20013103
i have Switch Cisco Catalyst 2950

I have the PIX on the other side which is connected to this PIX and its on port 11.
all other subnetworks are connected to this mail Switch i had one more free port on this switch and i added an special server there just so i monitor all traffic on port 11

there i think you can understande me now.
0
 
LVL 2

Accepted Solution

by:
atyar earned 2000 total points
ID: 20013391
Ok - so if I understand correctly, the pix is on port 11, and the monitoring server is on port 16.  
1)Setup port mirroring so that port 11traffic  is mirrored to port 16
2)Configure ethereal on the monitoring server to sniff traffic bound for the pix's ip address.

That should do it.
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20237701
Forced accept.

Computer101
EE Admin
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question