We have a security appliance that requires all ports on the switch to be mirrored to the port the appliance is on.
Is there a supported config where you can direct all ports on a switch to mirror to a specific port?
Something like “gi0/1-gi0/47” in the source and “gi0/48” in the Destination. But this not was accepted by the WebGUI on the switch.
I was able to configure around 18 selective ports using the format “gi0/1,gi0/2,gi0/3,gi0/15,gi0/16,gi0/22,gi0/23,gi0/24,gi0/25,” and so on, but there is a max of 128 characters in the WebGUI so I was unable to configure all ports as required.
However, after 3-4 days of less than half the ports on the switch being mirrored, the switch eventually restarted with an error “Segmentation Fault”.
Can someone confirm whether the switch would support mirroring all ports and/or if it would be able to handle mirroring multiple ports, as outlined above?
For anyone that runs across this post because you are trying to mirror multiple ports…
The WebGUI has a bug where it maxes out to 128 chars in the field when entering the ports. This resulted in my switch having a “Segmentation Fault” occur.
I configured via SSH to the switch in the end, although you must enter each port config on a new line. For example, the following commands entered on each line…
config terminal
monitor session 1 source interface gigabitethernet 0/1 both
monitor session 1 source interface gigabitethernet 0/2 both
monitor session 1 source interface gigabitethernet 0/3 both
monitor session 2 source interface gigabitethernet 0/23 both
monitor session 2 source interface gigabitethernet 0/24 both
monitor session 2 source interface gigabitethernet 0/25 both
monitor session 1 source interface Extreme-Ethernet 0/1 both
monitor session 2 source interface Extreme-Ethernet 0/2 both
monitor session 1 destination interface gigabitethernet 0/45
monitor session 2 destination interface gigabitethernet 0/46
end
Note the “Extreme-Ethernet” are the named ports for the 10GB SFP.
Max 36 ports can be setup per session on a 48 port switch.
Splitting the ports into 2 sessions allows you to monitor all ports, as long as your security device support multiple ingest ports.
Useful tip I got from support - as you enter commands in the SSH terminal, type ? to find what commands are related within that command section you’re in.