Solved

cisco 3560G Span port

Posted on 2013-05-21
4
545 Views
Last Modified: 2013-11-29
Hello,

We are inserting a IDS appliance into our system and need to setup a span port for it to use.  I am not really clear on how to do this.  The Cisco 3560 switch connects to our asa firewall which is in routed mode via a trunk port on port 12 of the switch.  I assume this is the best port to monitor?  I have an open port 15 that I was going to connect to the IDS system.  Would the correct command be
monitor session 1 source interface fastethernet 0/12  
&
monitor session 1 destination interface fastethernet 0/15

I have never done this before and am looking for any help or advice to make sure this looks ok and will not cause any issues on the switch/network doing it like this.  Any help is appreciated.

Thank you
0
Comment
Question by:Tim Lewis
  • 2
  • 2
4 Comments
 
LVL 25

Accepted Solution

by:
Cyclops3590 earned 500 total points
ID: 39185766
close

monitor session 1 source interface fastethernet 0/12
monitor session 1 destination interface fastethernet 0/15 encapsulation dot1q

need that at the end so it doesn't strip the vlan tagging info.
0
 

Author Comment

by:Tim Lewis
ID: 39185811
Thank you. Does doing this affect the monitored port in anyway?
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 39185852
not that i've ever seen.  there's clearly going to be resources used by the switch to do the operation but none that should affect the actual data traffic.
0
 

Author Comment

by:Tim Lewis
ID: 39188117
I found that the command to monitor should be monitor session 1 destination interface fastethernet 0/15 encapsulation replicate.    otherwise good to go.  Thanks for the help
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question