Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

question in Port Mirroring

Posted on 2011-03-17
7
Medium Priority
?
544 Views
Last Modified: 2012-05-11
Hi i have two cisco switched 4500 . On switch A i have websense web monitor . On this Switch i have
HOUSWCORE1#sh monitor session 10
Session 10
----------
Type                   : Remote Destination Session
Source RSPAN VLAN : 999
Destination Ports      : Gi1/45


and the web monitoring works fine

On Switch B , i also have a websense. On this switch i see

DALSW0010#sh monitor session 5
Session 5
---------
Type              : Remote Destination Session
Source RSPAN VLAN : 999
Destination Ports : Gi4/1
    Encapsulation : Native
          Ingress : Disabled
         Learning : Disabled

and the web filter doesnt work . How do i enable ingress and learning ?
0
Comment
Question by:c_hockland
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 

Author Comment

by:c_hockland
ID: 35160870
actually the issue is that web filter on Switch B is not monitoring anything.
0
 
LVL 18

Accepted Solution

by:
decoleur earned 1000 total points
ID: 35162312
are you sure that the second switch has the RSPAN VLAN configured on it?

look at http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.1_19_ea1/configuration/guide/swspan.html#wp1200730

The RSPAN VLAN carries SPAN traffic between RSPAN source and destination sessions. It has these special characteristics:

•All traffic in the RSPAN VLAN is always flooded.

•No MAC address learning occurs on the RSPAN VLAN.

•RSPAN VLAN traffic only flows on trunk ports.

•RSPAN VLANs must be configured in VLAN configuration mode by using the remote-span VLAN configuration mode command.

•STP can run on RSPAN VLAN trunks but not on SPAN destination ports.

For VLANs 1 to 1005 that are visible to VLAN Trunking Protocol (VTP), the VLAN ID and its associated RSPAN characteristic are propagated by VTP. If you assign an RSPAN VLAN ID in the extended VLAN range (1006 to 4094), you must manually configure all intermediate switches.

It is normal to have multiple RSPAN VLANs in a network at the same time with each RSPAN VLAN defining a network-wide RSPAN session. That is, multiple RSPAN source sessions anywhere in the network can contribute packets to the RSPAN session. It is also possible to have multiple RSPAN destination sessions throughout the network, monitoring the same RSPAN VLAN and presenting traffic to the user. The RSPAN VLAN ID separates the sessions.

hope this helps,

-t
0
 
LVL 8

Assisted Solution

by:bsohn417
bsohn417 earned 1000 total points
ID: 35167222
is RSPAN VLAN trunked between these 2 SWs,
could you please post sh run | in moni

sh int trunk
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:c_hockland
ID: 35167503
will do.give a few plz
0
 

Author Comment

by:c_hockland
ID: 35168805
DALSW0010#sh run | in moni
monitor session 5 destination interface Gi4/1
monitor session 5 source remote vlan 999
0
 
LVL 18

Expert Comment

by:decoleur
ID: 35169205
do a sho int trunk on both switches and show vlan to confirm that the rspan vlan is on both switches.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 35169234
the port spanning appears to be fine it is just the local implementation of vlans that needs to be looked at.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial will go through the steps required to write a script that will back up the configuration settings of a HP-ProCurve switch. You will need to get the following things to follow this tutorial: Telnet Scripting Tool e.g. TST10.exe …
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question