Solved

cisco 3560G Span port

Posted on 2013-05-21
4
552 Views
Last Modified: 2013-11-29
Hello,

We are inserting a IDS appliance into our system and need to setup a span port for it to use.  I am not really clear on how to do this.  The Cisco 3560 switch connects to our asa firewall which is in routed mode via a trunk port on port 12 of the switch.  I assume this is the best port to monitor?  I have an open port 15 that I was going to connect to the IDS system.  Would the correct command be
monitor session 1 source interface fastethernet 0/12  
&
monitor session 1 destination interface fastethernet 0/15

I have never done this before and am looking for any help or advice to make sure this looks ok and will not cause any issues on the switch/network doing it like this.  Any help is appreciated.

Thank you
0
Comment
Question by:Tim Lewis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 25

Accepted Solution

by:
Cyclops3590 earned 500 total points
ID: 39185766
close

monitor session 1 source interface fastethernet 0/12
monitor session 1 destination interface fastethernet 0/15 encapsulation dot1q

need that at the end so it doesn't strip the vlan tagging info.
0
 

Author Comment

by:Tim Lewis
ID: 39185811
Thank you. Does doing this affect the monitored port in anyway?
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 39185852
not that i've ever seen.  there's clearly going to be resources used by the switch to do the operation but none that should affect the actual data traffic.
0
 

Author Comment

by:Tim Lewis
ID: 39188117
I found that the command to monitor should be monitor session 1 destination interface fastethernet 0/15 encapsulation replicate.    otherwise good to go.  Thanks for the help
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Ready for our next Course of the Month? Here's what's on tap for June.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question