cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5388
Views
0
Helpful
5
Replies

Can you create a span/mirror port on Firepower 1010 using the FMC

errMsg
Level 1
Level 1

Is it possible to create a span/mirror port on the Firepower 1010 device using the FMC console?  I am using the firewall in routed mode but want all the network traffic to be mirrored on one port so I can do some traffic analysis with the security onion.

5 Replies 5

Hi,

Port spanning can't be configured on firepower. This is done at the switch
level. You can configure passive interfaces on firepower to act as IDS.

**** please remember to rate useful posts

I tried to make one port passive but I didnt see any traffic on it.  I have 5 routed networks on the firepower device.  I have the passive port connected to an esxi server.

Are you sure the traffic is leaving the ESXi server on that port? That's by far the most likely cause of an issue such as you describe.

I was thinking that the firewall would be the one sending ALL the traffic to the passive port.  From there I would connect from the firewall "Span" port >>>>to the computer's 2nd network interface I was going to use for analysis.

Hi, the firewall can't forward the traffic internally from routed port to
passive port. You need to do this using a switch.

*** please remember to rate useful posts
Review Cisco Networking for a $25 gift card