Solved

Setup SPAN to monitor DMZ traffic

Posted on 2016-09-08
2
62 Views
Last Modified: 2016-10-12
Our security recently setup a palo alto and it also was configured as DMZ connecting to a Catalyst 2960S. I was asked to configure SPAN on a port to monitor a port channel.
!
interface port-channel 10
!
interface g0/23
switchport mode trunk
channel-group 10
!
interface g0/24
switchport mode trunk
channel-group 10

Could someone please comment on my command to configure SPAN below? Did I miss anything?
source port: port-channel 10
destination port: G0/4

Switch(config-if)#interface g0/4
Switch(config-if)#port monitor port-channel 10

Thanks!
0
Comment
Question by:techy98
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 14

Accepted Solution

by:
SIM50 earned 500 total points
ID: 41790146
monitor session 1 source interface po10
monitor session 1 destination interface gig0/4 encap dot1q

to clear:
no monitor session 1
0
 

Author Comment

by:techy98
ID: 41840169
SIM50, I have one more question...would be appreciated if you could help.
What if I want to monitor a port-channel which is currently an uplink to core switch (Catalyst6509), could I do this? would it be any impact to Spanning Tree?
Also, before configuring the destination port, the port was configured as below? Do I need to configure port "no switchport mode access" first?
interface gig0/4
switchport mode access
spanning-tree portfast
spanning-tree guard root
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Read about achieving the basic levels of HRIS security in the workplace.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question