?
Solved

Need help/confirmation on RSPAN multiple switches configuration

Posted on 2009-04-28
1
Medium Priority
?
640 Views
Last Modified: 2012-05-06
I'm going to install an IDS sensor to monitor some network segments. I've been reading some cisco documentation and I htink I've got it right, but wanted to have the config checked, as well as check if an assumption I've made is correct.

Hardware:
Switch 1 & 2 - Cisco Catalyst 3560
Switch 3 - Cisco Catalyst 3130G (Blade switch)

See picture for simple switch configuration, as well as vlan configuration. I will connect the sniff port on the IDS to gi0/48 on switch 1.

Assumption: A monitor session #1 at one switch is not the same as monitor session #1 on another switch, correct?

Presuming the above is correct about monitor session numbering, and that I want to have all traffic going into and coming out from devices/servers in vlan 30,40 and 50; this is what my config should be like, please correct me or verify it's correct:

Switch 3:
 vlan 99
  remote-span
 monitor session 1 source vlan 30 , 40 , 50 both
 monitor session 1 destination remote vlan 99

Switch 2:
 vlan 99
  remote-span
 monitor session 1 source vlan 30 , 40 , 50 both
 monitor session 1 destination remote vlan 99

Switch 1:
 vlan 99
  remote-span
 monitor session 1 source vlan 30 , 40 , 50 , 99 both
 monitor session 1 destination interface gi0/48

(not directly important, but my switch 1 is also vtp domain server, while sw2/3 is vtp client, so I manage my vlans on sw1)
20090428---Cisco-RSPAN-02.jpg
0
Comment
Question by:Joffer
1 Comment
 
LVL 2

Accepted Solution

by:
Jitpar earned 2000 total points
ID: 24283302
Assumption: A monitor session #1 at one switch is not the same as monitor session #1 on another switch, correct?
Yes, this is correct. Both will have seperate sessions.
The config is absolutely correct. For further reference, you can use the following link.
http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.1_19_ea1/configuration/guide/swspan.html#wp1081130 
 
 
 


0

Featured Post

Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

AWS has developed and created its highly available global infrastructure allowing users to deploy and manage their estates all across the world through the use of the following geographical components   RegionsAvailability ZonesEdge Locations  Wh…
Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question