Re: HELP on 4 port etherswitch module.

From: R.S CCIE (r.s.cciestudy@gmail.com)
Date: Fri Nov 16 2007 - 16:47:41 ART

• Next message: Muhammad Saleem: "RE: Two default gateway (IP Route ..)"
• Previous message: R.S CCIE: "Re: CCIE 19366"
• Maybe in reply to: Biggs, Jeff \(M/CIO/BIE\): "HELP on 4 port etherswitch module."
• Next in thread: Saul Arjona: "Re: HELP on 4 port etherswitch module."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Not sure if I understand the question correctly. Is it possible the
security person was on a trunk port?

On 11/15/07, Biggs, Jeff (M/CIO/BIE) <JBiggs@usaid.gov> wrote:
> I have a security person that has a tap on one of our connections that
> is hanging off of one of our 4 port Etherswitch modules on a 2811. The
> source side from our router is the 192.168 side of the connection. The
> complaint from the security person is that they would like the "vlan
> tag" removed so there tap software can group the traffic better (go
> figure). I believe this is the nature of this card and that there is
> nothing we can do about it, but would like to verify this with
> documentation if it is out there. Anyone have any ideas?
>
>
>
> Router config:
>
>
>
> interface FastEthernet0/0/1
>
> description <<FW01>>
>
> switchport access vlan 48
>
> !
>
> interface FastEthernet0/0/2
>
> description <<FW02>>
>
> switchport access vlan 48
>
> !
>
> interface FastEthernet0/0/3
>
> shutdown
>
> !
>
> interface Vlan1
>
> no ip address
>
> !
>
> interface Vlan48
>
> ip address 192.168.48.1 255.255.255.0
>
>
>
> This is what the TAP is seeing:
>
>
>
> 13:54:41.822389 IP 11.1.11.1.www > 192.168.46.2.53081: . ack 295 win 432
>
> 13:54:41.822838 IP 11.1.11.1.www > 192.168.46.2.53081: P 1:545(544) ack
> 295 win 432
>
> 13:54:41.822842 IP 11.1.11.1.www > 192.168.46.2.53081: F 545:545(0) ack
> 295 win 432
>
> 13:54:41.829957 vlan 48, p 0, IP 192.168.46.2.53081 > 11.1.11.1.www: .
> ack 546 win 16378
>
> 13:54:41.830001 vlan 48, p 0, IP 192.168.46.2.53081 > 11.1.11.1.www: F
> 295:295(0) ack 546 win 16378
>
> 13:54:41.831561 vlan 48, p 0, IP 192.168.46.2.53082 > 11.1.11.1.www: S
> 417069398
>
>
>
>
>
> Jeffrey Biggs
>
> Sr. Network Engineer
>
> USAID
>
> M/CIO/BIE
>
> 240-646-5003
>
> jbiggs@usaid.gov <mailto:jbiggs@usaid.gov>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Muhammad Saleem: "RE: Two default gateway (IP Route ..)"
• Previous message: R.S CCIE: "Re: CCIE 19366"
• Maybe in reply to: Biggs, Jeff \(M/CIO/BIE\): "HELP on 4 port etherswitch module."
• Next in thread: Saul Arjona: "Re: HELP on 4 port etherswitch module."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:30 ART