From: Peter (peter@cyscoexpert.com)
Date: Wed Oct 08 2003 - 09:31:59 GMT-3
No, you don't need to.
Peter
----- Original Message -----
From: Hossam
To: Peter ; ccielab@groupstudy.com
Sent: Wednesday, October 08, 2003 7:18 AM
Subject: Re: RSPAN problems
Peter,
Do't we need to add the reflector port to the reflector VLAN?
Thanks
Peter <peter@cyscoexpert.com> wrote:
Is your VLAN 400 configured as remote SPAN vlan? Also, you don't need to
put
fa0/16 on second switch into vlan 51. Other than that everything else
looks
good.
My working example is this:
SwitchA:
vlan 500
remote-span
monitor session 1 source interface fa0/1 both
monitor session 1 destination remote vlan 500 reflector-port fa0/20
SwitchB:
monitor session 1 source remote vlan 500
monitor session 1 destination interface fa0/10
This will let you see the traffic on SwitchA fa0/1 while having sniffer
connected to port fa0/10 on SwitchB.
_____________________________
Peter
#7247 (R&S, Security, SP)
CyscoExpert Corp.
4433 W. Touhy Ave. Suite 410
Lincolnwood, IL 60712
Phone (847) 674-3392
Toll Free (866) CyscoXP (297-2697)
Fax (847) 674-2625
----- Original Message -----
From: "Roger McNeace"
To:
Sent: Monday, October 06, 2003 1:40 PM
Subject: RSPAN problems
> I am having alot of trouble getting RSPAN to work. What am i doing
wrong?
> Read doc cd several times.
>
> Questions
>
> 1. Does the destination have to be in the same VLAN as the source?
> 2. When would I use the "ingress" keyword?
> 3. Is the following show command output normal?
>
> sh interface fa 0/16
>
> FastEthernet0/16 is up, line protocol is down (monitoring)
>
> 4. Does my config look right?
>
>
>
> FW-------------fa0/15[cat1 ]-------dot1q---------[cat2
> ]fa0/16--------IDS
>
> Config
> -VLAN 400 exists on both switches
> -Trunk link is working traffic is passing to other ports
> -Reflector port has nothing plugged into it and is in default vlan
>
> Cat1
>
> interface FastEthernet0/15
> switchport access vlan 51
> no ip address
>
> interface GigabitEthernet0/1
> switchport trunk encapsulation dot1q
> switchport mode trunk
>
> monitor session 1 source interface Fa0/15 rx
> monitor session 1 destination remote vlan 400 reflector-port Fa0/24
>
>
> Cat2
>
> interface FastEthernet0/16
> switchport access vlan 51
> no ip address
>
> interface GigabitEthernet0/1
> switchport trunk encapsulation dot1q
> switchport mode trunk
>
> monitor session 1 destination interface Fa0/16
> monitor session 1 source remote vlan 400
>
> ***Get your CCIE and a FREE vacation: Shop.GroupStudy.com***
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
***Get your CCIE and a FREE vacation: Shop.GroupStudy.com***
_______________________________________________________________________
Please help support GroupStudy by purchasing your study materials from:
shop.groupstudy.com
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
-----------------------------------------------------------------------------
-
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
***Get your CCIE and a FREE vacation: Shop.GroupStudy.com***
This archive was generated by hypermail 2.1.4 : Mon Nov 24 2003 - 07:52:58 GMT-3