Solved

cisco 3560G Span port

Posted on 2013-05-21
4
537 Views
Last Modified: 2013-11-29
Hello,

We are inserting a IDS appliance into our system and need to setup a span port for it to use.  I am not really clear on how to do this.  The Cisco 3560 switch connects to our asa firewall which is in routed mode via a trunk port on port 12 of the switch.  I assume this is the best port to monitor?  I have an open port 15 that I was going to connect to the IDS system.  Would the correct command be
monitor session 1 source interface fastethernet 0/12  
&
monitor session 1 destination interface fastethernet 0/15

I have never done this before and am looking for any help or advice to make sure this looks ok and will not cause any issues on the switch/network doing it like this.  Any help is appreciated.

Thank you
0
Comment
Question by:danskoit
  • 2
  • 2
4 Comments
 
LVL 25

Accepted Solution

by:
Cyclops3590 earned 500 total points
ID: 39185766
close

monitor session 1 source interface fastethernet 0/12
monitor session 1 destination interface fastethernet 0/15 encapsulation dot1q

need that at the end so it doesn't strip the vlan tagging info.
0
 

Author Comment

by:danskoit
ID: 39185811
Thank you. Does doing this affect the monitored port in anyway?
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 39185852
not that i've ever seen.  there's clearly going to be resources used by the switch to do the operation but none that should affect the actual data traffic.
0
 

Author Comment

by:danskoit
ID: 39188117
I found that the command to monitor should be monitor session 1 destination interface fastethernet 0/15 encapsulation replicate.    otherwise good to go.  Thanks for the help
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now