###First, create the Remote SPAN (RSPAN) VLAN. You must do this on both switches
SW1#configuration terminal
SW1(config)#vlan 999
SW1(config-vlan)#name RSPAN-VLAN
SW1(config-vlan)#remote-span
SW1(config-vlan)#exit
SW2#configuration terminal
SW2(config)#vlan 999
SW2(config-vlan)#name RSPAN-VLAN
SW2(config-vlan)#remote-span
SW2(config-vlan)#exit
###Next, create your monitor session for your source ports you are mirroring
SW1#configuration terminal
SW1(config)#monitor session 1 source interface gi 1/0/2 both ###This enables both transmit and receive to be recorded
###Now you can add the RSPAN VLAN to your monitor session as a destination to drop the data into the RSPAN VLAN:
SW1#configure terminal
SW1(config)#monitor session 1 destination remote vlan 999
###Now, go to your next switch in the destination and create a monitor session pulling from the RSPAN VLAN
SW2#configuration terminal
SW2(config)#monitor session 1 source remote vlan 999
###Finally, create a destination monitor session to dump the RSPAN VLAN traffic to your system analyzing the traffic
SW2#configuration terminal
SW2(config)#monitor session 1 destination interface gi 1/0/2
No comments:
Post a Comment