From: Balaji Siva (bsivasub@gmail.com)
Date: Fri Feb 11 2005 - 02:06:58 GMT-3
So imagine connection like this
switch A ------Switch B
Configre VSPAN for VLAN x on switch A and configure the destination
port as the port connecting to Switch B. On Switch B, the port is vlan
X, now configure another VSPAN on switch B to ultimate IDS.
Not this is real poor configuration in a "real" network as the port
connecting between Switch A and B won't participate in STP on Switch
A. But then I am assuming you are just playing around in the lab.
Try it out and let me know if you run into any issues
hope it helps
Balaji
On Thu, 10 Feb 2005 20:52:02 -0800, Arif Rahman <arahman@cisco.com> wrote:
> Hi
> thank you for reply. I am trying to solve the question which asked to sniff
> packets from vlan that has member on two switches. Now the question is how
> to configure the switch which is connected to both sniffer (like IDS
> sensor) and traffic source.
>
> thank you
>
> At 11:34 PM 2/10/2005 -0500, Balaji Siva wrote:
> >you can't configure RSPAN on same box. Hw can't do recursive spaning
> >packets.
> >
> >
> >
> >On Thu, 10 Feb 2005 20:27:54 -0800, Arif Rahman <arahman@cisco.com> wrote:
> > > Hi
> > > I have only one switch and have following configuration. I am trying to
> > > configure RSPAN. But for some reason it is not working.
> > >
> > > monitor session 1 destination interface Fa0/3
> > > monitor session 1 source remote vlan 233
> > > monitor session 2 source vlan 11 rx
> > > monitor session 2 destination remote vlan 233 reflector-port Fa0/12
> > >
> > > I noticed reflector-port is getting lot of packets but not f0/3.
> > >
> > > If I configure SPAN like below then it works fine. f0/3 as well as IDS get
> > > the packets.
> > >
> > > monitor session 1 destination interface Fa0/3
> > > monitor session 1 source vlan 11 rx
> > >
> > > Any idea what could be wrong?
> > >
> > > thank you
This archive was generated by hypermail 2.1.4 : Thu Mar 03 2005 - 08:51:19 GMT-3