Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
374
Views
0
Helpful
1
Replies

Monitoring WAN (internally)

cschueler
Level 1
Level 1

‎10-02-2002 06:34 AM - edited ‎03-02-2019 01:47 AM

Is there any type of configuration for a 7206 to SPAN or monitor traffic? I am running mutiple 7206 with inbound DS3 and outbound VXR (SVC/PVC)connections to other sites (i.e traffic never leaves the router). How could I implement a spanning feature to monitor the traffic on those links? My thoughts were to maybe create VLAN's for the interconnects and try to span those links, but not sure if that is even feasible. My motive behind this is for IDS implementation for monitoring internal traffic.

Thank you,

Chris

Labels:
0 Helpful
1 Reply 1

dkotanto_2
Level 1
Level 1

‎10-02-2002 05:18 PM

Hello,

There is no way to span a port in a VXR. You could use PBR to redirect WAN traffic to an external router and then back to the VXR and put a switch in the middle for SPAN but that will most likely cause more trouble than it's worth. I would consider deploying a 6500 or 7600 with a flexwan module and use vacls to capture WAN interface traffic. Then use either an IDSM module or connect an external IDS to a GigE port to monitor the captured traffic.

Here is config example for the flexwan:

!

vlan access-map wan 100

match ip address 100

action forward capture

!

vlan filter wan interface serial 4/1/1

!

access list 100 permit tcp any any

!

interface gigabitEthernet 5/1

switchport capture

!

Good luck,

Jim

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card