Hey techies... got a plan to test some IDS devices (Juniper and TopLayer), using SPAN. This is a first for me.
On one of the switches in question (a 3750 stack), entered these commands:
EAST-SW1(config)#monitor session 1 source int f2/0/10
EAST-SW1(config)#monitor session 1 destination int f2/0/25
And after a wr mem, this:
EAST-SW1#sh monitor
Session 1
---------
Type : Local Session
Source Ports :
Both : Fa2/0/10
Destination Ports : Fa2/0/25
Encapsulation : Native
Ingress : Disabled
Can someone offer an opinion on the Ingress being disabled? I can see that if I enter a command using ingress, I'm given the options of:
dot1q ingress forwarding using dot1q encapsulation
isl ingress forwarding using isl encapsulation
untagged ingress forwarding using untagged encapsulation
vlan Set default VLAN for untagged ingress traffic
Are these significant? or is my setup above sufficient? FYI, the port being mirrored belongs to vlan 216... the port acting as destination is in 200. Is that significant? Do they have to match?
Thanks kindly,
Mike
On one of the switches in question (a 3750 stack), entered these commands:
EAST-SW1(config)#monitor session 1 source int f2/0/10
EAST-SW1(config)#monitor session 1 destination int f2/0/25
And after a wr mem, this:
EAST-SW1#sh monitor
Session 1
---------
Type : Local Session
Source Ports :
Both : Fa2/0/10
Destination Ports : Fa2/0/25
Encapsulation : Native
Ingress : Disabled
Can someone offer an opinion on the Ingress being disabled? I can see that if I enter a command using ingress, I'm given the options of:
dot1q ingress forwarding using dot1q encapsulation
isl ingress forwarding using isl encapsulation
untagged ingress forwarding using untagged encapsulation
vlan Set default VLAN for untagged ingress traffic
Are these significant? or is my setup above sufficient? FYI, the port being mirrored belongs to vlan 216... the port acting as destination is in 200. Is that significant? Do they have to match?
Thanks kindly,
Mike