VLAN tags missing on monitor port

RambaZamba

I'm using a XGS1250-12 and set up port 12 as mirrored port. That port is part of 4 VLANs and doesn't untag them on ingress. I'm using port 3 as monitor port to connect a laptop running wireshark. Port 3 is not part of any VLAN. When I capture the network traffic, I do see all the packets I'm interested in, but the packets that are part of a VLAN header have their VLAN tag removed in the pcap. I've double-checked by capturing on the physical interface of the sending machine and the VLAN tag are part of that pcap. How do I have to set up port mirroring to see the packets exactly as they arrive/leave the mirrored port?

Zyxel_Nami

Hi @RambaZamba

To provide accurate assistance, please help clarify the following:

1. VLAN - Egress Rule on Port 12: Please share the VLAN setting on Port 12. We would like to know if it is configured to tag VLANs or leave them untagged for egress packets. Knowing this will help us understand packet handling.
   1. Additionally, are VLAN tags missing on both ingress and egress packets on your monitor PC, not just on ingress packets?
      
2. Wireshark Configuration: Ensure the VLAN ID column is enabled in Wireshark to verify the presence of VLAN tags on captured packets.
   
3. Ensure the VLAN setting of NIC:
   

Thanks.

PeterUK

You can't you see them as untagged

Zyxel_Nami

Hi @RambaZamba

To provide accurate assistance, please help clarify the following:

1. VLAN - Egress Rule on Port 12: Please share the VLAN setting on Port 12. We would like to know if it is configured to tag VLANs or leave them untagged for egress packets. Knowing this will help us understand packet handling.
   1. Additionally, are VLAN tags missing on both ingress and egress packets on your monitor PC, not just on ingress packets?
      
2. Wireshark Configuration: Ensure the VLAN ID column is enabled in Wireshark to verify the presence of VLAN tags on captured packets.
   
3. Ensure the VLAN setting of NIC:
   

Thanks.