
Port Monitoring Filtering

For VLAN Ports (L2 ports)


Step 1: Create access list to match interesting traffic

Required for monitoring

Cat6K-IOS(config)#ip access-list extended HTTP
Cat6K-IOS(config-ext-nacl)#permit tcp any any eq www

Required for forwarding of remaining traffic

Cat6K-IOS(config)#ip access-list extended ALL_IP
Cat6K-IOS(config-ext-nacl)#permit ip any any

Step 2: Create a VLAN access map

Cat6K-IOS(config)#vlan access-map CAPTURE 10
Cat6K-IOS(config-access-map)#match ip address HTTP
Cat6K-IOS(config-access-map)#action forward capture

Cat6K-IOS(config)#vlan access-map CAPTURE 20
Cat6K-IOS(config-access-map)#match ip address ALL_IP
Cat6K-IOS(config-access-map)#action forward

Step 3: Apply the VLAN access map to a VLAN

Cat6K-IOS(config)#vlan filter CAPTURE vlan-list 100

Step 4: Configure the capture port (Port where PL will be connected)

Cat6K-IOS(config)#int faX/Y
Cat6K-IOS(config-if)#switchport capture allowed vlan 100
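
An offline consistency check for the L2 steps above, as an added example that is not part of the original page: it parses a saved configuration and verifies that the access map sets the capture bit, ends with a forward-all entry, and that a capture port allows the filtered VLAN. The sample configuration and interface name are constructed, and the check assumes single VLAN IDs rather than ranges.

```python
import re

# Constructed sample: the L2 steps above as they would appear in a saved
# configuration. The interface name is a placeholder.
SAMPLE = """\
ip access-list extended HTTP
 permit tcp any any eq www
ip access-list extended ALL_IP
 permit ip any any
vlan access-map CAPTURE 10
 match ip address HTTP
 action forward capture
vlan access-map CAPTURE 20
 match ip address ALL_IP
 action forward
vlan filter CAPTURE vlan-list 100
interface FastEthernet0/1
 switchport capture allowed vlan 100
"""

BLOCK = r"\n((?:[ \t]+.*\n?)*)"  # indented lines that follow a section header

def permits_all(config, acl):
    """True if the named extended ACL contains 'permit ip any any'."""
    m = re.search(rf"^ip access-list extended {re.escape(acl or '')}{BLOCK}", config, re.M)
    return bool(m and re.search(r"^\s*permit ip any any\s*$", m.group(1), re.M))

def audit_vacl_capture(config):
    """Return findings for a VACL capture setup; an empty list means consistent."""
    maps = {}  # map name -> [(sequence, matched ACL, action)]
    for name, seq, body in re.findall(rf"^vlan access-map (\S+) (\d+){BLOCK}", config, re.M):
        acl = re.search(r"match ip address (\S+)", body)
        act = re.search(r"action (.+)", body)
        maps.setdefault(name, []).append(
            (int(seq), acl.group(1) if acl else None, act.group(1).strip() if act else ""))
    allowed = set(re.findall(r"switchport capture allowed vlan (\S+)", config))
    findings = []
    for name, vlan in re.findall(r"^vlan filter (\S+) vlan-list (\S+)", config, re.M):
        entries = sorted(maps.get(name, []), key=lambda e: e[0])
        if not any(action == "forward capture" for _, _, action in entries):
            findings.append(f"{name}: no entry sets the capture bit")
        # Traffic that no entry matches is dropped, so the highest sequence
        # must forward everything that is left.
        last = entries[-1] if entries else (0, None, "")
        if not last[2].startswith("forward") or not permits_all(config, last[1]):
            findings.append(f"{name}: no final forward-all entry")
        if vlan not in allowed:
            findings.append(f"vlan {vlan}: no capture port allows this VLAN")
    return findings
```

Calling `audit_vacl_capture(SAMPLE)` returns an empty list; removing sequence 20 from the map produces the "no final forward-all entry" finding.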

For router ports (interface L3 ports or SVIs)


Step 1: Create access list to match interesting traffic

Cat6K-IOS(config)#ip access-list extended HTTP
Cat6K-IOS(config-ext-nacl)#permit tcp any any eq www

Step 2: Apply MLS IP IDS to the router interface (user traffic)

Cat6K-IOS(config)#int faX/Y
Cat6K-IOS(config-if)#mls ip ids HTTP

Step 3: Configure the capture port (Port where PL will be connected)

Cat6K-IOS(config)#int faX/Y
Cat6K-IOS(config-if)#switchport capture
