Solved

Setup SPAN to monitor DMZ traffic

Posted on 2016-09-08
2
56 Views
Last Modified: 2016-10-12
Our security recently setup a palo alto and it also was configured as DMZ connecting to a Catalyst 2960S. I was asked to configure SPAN on a port to monitor a port channel.
!
interface port-channel 10
!
interface g0/23
switchport mode trunk
channel-group 10
!
interface g0/24
switchport mode trunk
channel-group 10

Could someone please comment on my command to configure SPAN below? Did I miss anything?
source port: port-channel 10
destination port: G0/4

Switch(config-if)#interface g0/4
Switch(config-if)#port monitor port-channel 10

Thanks!
0
Comment
Question by:techy98
2 Comments
 
LVL 14

Accepted Solution

by:
SIM50 earned 500 total points
ID: 41790146
monitor session 1 source interface po10
monitor session 1 destination interface gig0/4 encap dot1q

to clear:
no monitor session 1
0
 

Author Comment

by:techy98
ID: 41840169
SIM50, I have one more question...would be appreciated if you could help.
What if I want to monitor a port-channel which is currently an uplink to core switch (Catalyst6509), could I do this? would it be any impact to Spanning Tree?
Also, before configuring the destination port, the port was configured as below? Do I need to configure port "no switchport mode access" first?
interface gig0/4
switchport mode access
spanning-tree portfast
spanning-tree guard root
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Network Router- Access control List 4 62
ASR920 switching 2 35
Ping Through ASA Firewall 6 38
PCI compliance 16 32
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question