Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2682
Views
0
Helpful
7
Replies

3750 Local SPAN problem.

cityloveyou
Level 1
Level 1

‎07-14-2011 03:11 AM - edited ‎03-07-2019 01:12 AM

Hello, everyone:

I am encount a problem when I do a Local SPAN on an 3750 Switch.

My 3750 runs on  version 12.2(25)SEB4 IOS .

I need to SPAN two port's traffic to one port to work with Websense. 

The port  needs to be able to monitor and send traffic.  Here is what we used:

monitor session 1 source interface Gi1/0/23 - 24

monitor session 1 destination interface Gi1/0/21 encapsulation replicate ingress dot1q vlan 1

I have SVI configured, and the PC connect to Gi1/0/21 has the IP address of VLAN1 ,  my problem is , from the PC , I can ping to any other hosts in VLAN1, BUT I can not ping to the VLAN1 SVI interface , namely , I can not ping to the gateway of VLAN1 , so , I can not make the PC to communicate with the PCs in other VLANs.
The only way to send packets to other vlans ,vlan 10 for example , I need to let PC to send the packet with a VLAN tag 10 in its packet.
It there a way to make PC connect to Gi1/0/21 to communicate with PCs in other VLANs by SVI forwarding?
Any suggestion is appreciated.
Thank you all
Labels:
0 Helpful
7 Replies 7

milan.kulik
Level 10
Level 10

‎07-14-2011 03:37 AM

Hi,

how does the interface Gi1/0/21 configuration look like?

Have you tried your PC sending untagged packets together with

monitor session 1 destination interface Gi1/0/21 encapsulation replicate ingress untagged vlan 1

command?

HTH,

Milan

0 Helpful

cityloveyou
Level 1
Level 1
In response to milan.kulik

‎07-14-2011 08:15 AM

I 've tried this configuration , but it seems no effect..

thank you  for you advice~

0 Helpful

Vivek V
Cisco Employee
Cisco Employee

‎07-14-2011 05:24 AM

Hi,

I would be helpful if you could add the entire config here, ie .. config on svi , config on interface.

/ Vivek

0 Helpful

cityloveyou
Level 1
Level 1
In response to Vivek V

‎07-14-2011 08:23 AM

Hi , Vivek,

Here is my full "sh run" output .

------------------------

Building configuration...

Current configuration : 2322 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname XXXX

!

enable secret 5 $1$banu$36zuNWgvOv9vvH2raeK5X/

!

no aaa new-model

switch 1 provision ws-c3750g-24ps

ip subnet-zero

ip routing

no ip domain-lookup

!

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet1/0/1

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/2

switchport access vlan 10

switchport mode access

!

interface GigabitEthernet1/0/3

switchport access vlan 20

switchport mode access

!

interface GigabitEthernet1/0/4

!

(No configuration of these Ports, output omitted.....)

!

interface GigabitEthernet1/0/19

!

interface GigabitEthernet1/0/20

!

interface GigabitEthernet1/0/21

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/22

switchport access vlan 100

switchport mode access

!

interface GigabitEthernet1/0/23

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/24

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/25

!

interface GigabitEthernet1/0/26

!

interface GigabitEthernet1/0/27

!

interface GigabitEthernet1/0/28

!

interface Vlan1

ip address 10.10.1.1 255.255.255.0

!

interface Vlan10

ip address 10.10.10.1 255.255.255.0

!

interface Vlan20

ip address 10.10.20.1 255.255.255.0

!

interface Vlan100

ip address 10.10.100.1 255.255.255.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.10.100.253

ip http server

!

!

control-plane

!

!

line con 0

line vty 0 4

password firewall

login

line vty 5 15

password firewall

login

!

!

monitor session 1 source interface Gi1/0/23 - 24

monitor session 1 destination interface Gi1/0/21 encapsulation replicate ingress  dot1q vlan 1

!

end

----------------------

IS there something I did wrong?

Thank you very much

BTW, I noticed that , when PC ping to VLAN1  SVI 10.10.1.1  ,  an incompleted ARP entry been observed on PC, by capture packets ,  The ARP request for IP 10.10.1.1 got NO ARP response. BUT, by launch "debug ip arp" on the 3750 , I really see the ARP response .

Seems like that , the ARP response been constructed, by didn't sent out Gi1/0/21

Thank you Again~

0 Helpful

cityloveyou
Level 1
Level 1

‎07-15-2011 08:55 AM

Is there anybody can help me ?

Any sugggestion or advice is appreciated.

0 Helpful

joneswill
Level 1
Level 1
In response to cityloveyou

‎07-17-2011 06:50 AM

make g1/0/21 an access port, not a trunk port.  You should also not be putting devices in Vlan1.  Put the websense server in another vlan (ie. vlan 5 - assigned for monitoring) and update your monitor line accordingly (ie. encapsulation replicate ingress  dot1q vlan 5) (if youre creating a new vlan, make sure to create the svi if you want to route off of it).

0 Helpful

cityloveyou
Level 1
Level 1
In response to joneswill

‎07-17-2011 08:18 PM

Hi , Joneswill:

I need to see vlan tags on the the port gi1/0/21 , so this is why I set gi1/0/21 to trunk mode.

Is there another workaround on my particular requirement ?

Thank you

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card