Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
363
Views
0
Helpful
2
Replies

can differnet subnet sniffer each packet(broadcast) on defaltu L2 switch ?

yixuan lin
Level 1
Level 1

‎04-04-2016 12:49 PM - edited ‎03-08-2019 05:13 AM

Dear Sir:

there are two subnet  192.168.1.x/24 and 192.168.2.x/24 connect from firewall two interface on the defalut Cisco L2 switch (2960X or 2960S...)

Before setting vlan , can the different subnet sniffer each packet(broadcast) via wireshark or other sniffer softwares ? 

thanks!

Labels:
0 Helpful
2 Replies 2

pwwiddicombe
Level 4
Level 4

‎04-04-2016 01:22 PM

If the sniffer is connected to a port in a vlan, it will see all broadcasts within that vlan, so you should be able to hook up 2 wiresharks units to see traffic on both sides of the firewall; provided you connect to the different vlans.

Note that with no SPAN session set, you will only see broadcast traffic (including mac address flooding), but only the unresolved packets before the syn/ack session is set up.  Normal TCP sessions should be "invisible" or incomplete on the wireshark session captures.

0 Helpful

Prabath Godevithanage
Level 4
Level 4

‎04-04-2016 04:15 PM

Hi Yixuan,There are few ways that you could capture packets on Cisco gear. have a look at the link here to get an overall understanding. I see you only required to capture broadcasts so you can do that if you just plugin your wireshark PC in to a port in each vlan.

***Please rate all the useful posts***
-Prabath
0 Helpful
Customers Also Viewed These Support Documents