cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
13483
Views
5
Helpful
7
Replies

I want to know ASA support port mirror?

luosongtao
Level 1
Level 1

I have a ASA 5520,the version is 7.0。

I want to know ASA support port mirror?I want to connection in a audit equipment on the G0/2。

1 Accepted Solution

Accepted Solutions

Julio Carvajal
VIP Alumni
VIP Alumni

Hello,

No, the ASA does not support port mirroring on any of it's versions or platafforms.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

7 Replies 7

Julio Carvajal
VIP Alumni
VIP Alumni

Hello,

No, the ASA does not support port mirroring on any of it's versions or platafforms.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Thank you for your reply,Maybe I need to increase a switch.

I want to know ASA support port mirror?

I never tried or tested it but I think you can.

Please follow this link.

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/s8.html#wp1411559

*Please vote my reply if it's helpful.

1- that's what span port on the switch is designed for

2- if option #1 is not available, you can put an "in-line" from the ASA and tap the data to wherever you want it.  Netscout has them (formerly Simena)

Hello Everybody,

Just one to mention something I discovered a few days ago, and that is the ASA supports Port-mirroring but only on the asa 5505

Span/mirror port on the ASA 5505 - The ASA 5505 has an eight port Ethernet switch in it making it unique among the ASA product line. Like all Cisco switches, this one also supports traffic span to allow you to capture packets and send them to a destination switchport for analysis.

Command:
switchport monitor source_port [tx | rx | both]

Example:
Asa5505(config)# interface ethernet 0/4
Asa5505(config-if)# switchport monitor ethernet 0/0
Asa5505(config-if)# switchport monitor ethernet 0/1

You always learn something new

Hope I could help

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

can you send the the traffics from the "outside" interface  to the "mirror" port in the ASA 5505?

Hello David,

I just discovered this last week but based on the information over the internet you should be able to do it,

I will run a lab myself and see if that happens

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: