SPAN to monitor multiple VLANs on 2950 for WebSense

dwrscisco
Level 1

I have configured VLANs on a 2950 (48 ports) running Version 12.1(13)EA1.

The LAN is on VLAN1, the default VLAN, where I connected the PIX (inside) interface on port 5 and WebSense on port 12.

And on VLAN3 I have connected the PIX dmz1 interface on port 21.

I have tried the command:

monitor session 1 source interface Fa0/5 , Fa0/21

monitor session 1 destination interface Fa0/12

This command allows the Websense to monitor VLAN1 clients but it does BLOCK sites, i.e., it is only monitoring without taking action.

At the same time I cannot ping the Websense server.

BUT when I try the command:

monitor session 1 source interface Fa0/5 , Fa0/21

monitor session 1 destination interface Fa0/12 ingress vlan 1

With this command it monitors and actions or blocks sites on VLAN 1 only, and I don't see clients from VLAN 3,

and I am able to ping the Websense server.

Would anybody please advise how I can monitor multiple VLANs with SPAN and allow the Websense server to action the received traffic, i.e., block unwanted URLs?

Thanks,

3 Replies

aashish.c
Level 4

Hi,

When you enable ingress vlan for a destination port, then it virtually becomes a member of VLAN 1 and stops seeing clients of VLAN 3. In this case you can set up 2 SPAN sessions, one for each VLAN, and make 2 destination ports and do all the things.

I understand that it might be difficult for you to arrange 2 ports for capturing traffic but I think this is the only way to accomplish this.

Thanks

Aashish C

Hi Aashish,

I have tried to create SESSION 2, but the system returned an error that "This Platform Support One Session only".

However, thanks for the info. Currently I am waiting for a response from Cisco Tech, who I hope will solve the problem.

Regards,

Shamsan

Hi,

You need to use SESSION 0 as your second session. Then you will not get this error message. The 2950 will support 2 SPAN sessions, 0 and 1.

Kindly update after doing this...

Thanks

Aashish