cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1429
Views
0
Helpful
3
Replies

Port Mirror on Nexus 7k - Filter not working

Travis-Fleming
Level 1
Level 1

Hello. I have the below setup for a mirrored port going to a laptop with wireshark. I have the access-list\monitor filter setup, but it's still showing all traffic and is generating a 100 MB file every minute, which is too much. What am I missing? I only want to see traffic from the 172.17.15.0/24 subnet going to 172.17.60.0/24 subnet.

 

ip access-list 2ndwestvoice
10 permit ip 172.17.15.0/24 172.17.60.0/24
20 deny ip any any

!

monitor session 1
source interface Ethernet1/3 both
rate-limit auto
destination interface Ethernet1/8 primary
filter filter-list 2ndwestvoice
no shut

!
monitor filter-list 2ndwestvoice
permit filter 2ndwestvoice

1 Accepted Solution

Accepted Solutions

Travis-Fleming
Level 1
Level 1

I opened a TAC case, and that engineer could not figure it out either. However we just put the filter on the live wireshark capture as apposed to on the Nexus itself. That worked for us.

View solution in original post

3 Replies 3