07-14-2011 03:11 AM - edited 03-07-2019 01:12 AM
Hello, everyone:
I am encount a problem when I do a Local SPAN on an 3750 Switch.
My 3750 runs on version 12.2(25)SEB4 IOS .
I need to SPAN two port's traffic to one port to work with Websense.
The port needs to be able to monitor and send traffic. Here is what we used:
monitor session 1 source interface Gi1/0/23 - 24
monitor session 1 destination interface Gi1/0/21 encapsulation replicate ingress dot1q vlan 1
07-14-2011 03:37 AM
Hi,
how does the interface Gi1/0/21 configuration look like?
Have you tried your PC sending untagged packets together with
monitor session 1 destination interface Gi1/0/21 encapsulation replicate ingress untagged vlan 1
command?
HTH,
Milan
07-14-2011 08:15 AM
I 've tried this configuration , but it seems no effect..
thank you for you advice~
07-14-2011 05:24 AM
Hi,
I would be helpful if you could add the entire config here, ie .. config on svi , config on interface.
/ Vivek
07-14-2011 08:23 AM
Hi , Vivek,
Here is my full "sh run" output .
------------------------
Building configuration...
Current configuration : 2322 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname XXXX
!
enable secret 5 $1$banu$36zuNWgvOv9vvH2raeK5X/
!
no aaa new-model
switch 1 provision ws-c3750g-24ps
ip subnet-zero
ip routing
no ip domain-lookup
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/2
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/3
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/4
!
(No configuration of these Ports, output omitted.....)
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/22
switchport access vlan 100
switchport mode access
!
interface GigabitEthernet1/0/23
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/24
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface Vlan1
ip address 10.10.1.1 255.255.255.0
!
interface Vlan10
ip address 10.10.10.1 255.255.255.0
!
interface Vlan20
ip address 10.10.20.1 255.255.255.0
!
interface Vlan100
ip address 10.10.100.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.100.253
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
password firewall
login
line vty 5 15
password firewall
login
!
!
monitor session 1 source interface Gi1/0/23 - 24
monitor session 1 destination interface Gi1/0/21 encapsulation replicate ingress dot1q vlan 1
!
end
----------------------
IS there something I did wrong?
Thank you very much
BTW, I noticed that , when PC ping to VLAN1 SVI 10.10.1.1 , an incompleted ARP entry been observed on PC, by capture packets , The ARP request for IP 10.10.1.1 got NO ARP response. BUT, by launch "debug ip arp" on the 3750 , I really see the ARP response .
Seems like that , the ARP response been constructed, by didn't sent out Gi1/0/21
Thank you Again~
07-15-2011 08:55 AM
Is there anybody can help me ?
Any sugggestion or advice is appreciated.
07-17-2011 06:50 AM
make g1/0/21 an access port, not a trunk port. You should also not be putting devices in Vlan1. Put the websense server in another vlan (ie. vlan 5 - assigned for monitoring) and update your monitor line accordingly (ie. encapsulation replicate ingress dot1q vlan 5) (if youre creating a new vlan, make sure to create the svi if you want to route off of it).
07-17-2011 08:18 PM
Hi , Joneswill:
I need to see vlan tags on the the port gi1/0/21 , so this is why I set gi1/0/21 to trunk mode.
Is there another workaround on my particular requirement ?
Thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide