totaram
asked on
Wireshark usage: How to get stats on cisco router
I am new to wireshark and want to get some stats (like DHCP, ARP) on cisco router. When I telnet into the router using the broadcom port of my laptop, I only get the activity showing TELNET/TCP? Is there any way to get the router activity esp for E0/0?? Any pointers on wireshark usage will be highly appreciated.
You could also set a SPAN port on you switch to send all the traffic from the routers port to your port.
ASKER
We have Cisco 2811, and are facing some issues with DHCP allocation from server. Just want to get the trace of the DHCP requests and responses. On google search, I came up @ Cisco IOS Netflow, is that what you are referring to? Prabably, we have to buy that from Cisco....
ASKER
How do you put SPAN on switch port to go thru router to my laptop/PC port?
What switch do you use?
Also, are you connected to the same switch as the routers?
ASKER
Cisco switch 2950, IOS 12.1(20)
C2950#configure terminal
C2950(config)#
C2950(config)#monitor session 1 source interface <router's interface>
C2950(config)#monitor session 1 destination interface <laptop's interface>
http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008015c612.shtml#topic5
C2950(config)#
C2950(config)#monitor session 1 source interface <router's interface>
C2950(config)#monitor session 1 destination interface <laptop's interface>
http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008015c612.shtml#topic5
ASKER
mrwalker, I can not directly log in to switch, I can log in to router from my laptop/PC and then to switch. Is there any way to set the destination interface?
is your machine physically connected to the same switch? if so, you have to assign the interface that your physically connected as the destination interface.
ASKER
No, we are miles away from Router/switch. I telnet to the router.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Very good, thank you so much for your input,
ASKER
The issue is closed.
Scrutinizer is a free netflow analyzer.
http://www.plixer.com/products/free-netflow.php
Which Cisco router do you have? I can help with the netflow set up or you can just google "netflow" and your router model.