Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
405
Views
0
Helpful
1
Replies

Confirm my config .. please

ciscobloke
Level 1
Level 1

‎08-14-2006 03:27 AM - edited ‎03-10-2019 03:09 AM

Hi,

Can someone please confirm if I am thinking along the right lines?

I want to capture traffic on 6500a vlan 333 and sent it to 6500B which has an IDSM blade.

Is this all I need to do?

(coss-over) cable from 6500a to 6500b

Create remote span vlan 444 on both switches

6500a(config)#monitor session 2 source vlan 333 rx

6500a(config)#monitor session 2 destination remote vlan 444 gigiabit 5/40

configure port 5/40 for 801.1q (cable to 6500b)

6500b

6500b(config)#ip access-list extended CAPTURE

6500b(config-ext-nacl)#permit ip any any

6500b (config)# vlan access-map CAPTURE 10

6500b (config-access-map)# match ip address CAPTURE

6500b (config-access-map)# action forward capture

6500b (config-access-map)# exit

6500b (config)# vlan filter CAPTURE vlan-list 444

6500b (config)#intrusion-detection module 6 data-port 1 capture

6500b (config)#intrusion-detection module 6 data-port 1 capture allowed-vlan 444

configure port 4/40 for 801.1q (cable to 6500a)

Do I need to configure monitor sessions on 6500b? Please advise of anything else I have missed out.

Thanks in advance,

-Ciscobloke

Labels:
0 Helpful
1 Reply 1

wong34539
Level 6
Level 6

‎08-18-2006 09:48 AM

You need to configre monitor sessions .All your configurations are correct

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card