Remote Port Mirroring on GS1920-24
In the menu, I can only find local mirroring but nothing about remote mirroring?
Thank you
Regards,
letssee
All Replies
-
Hi @letssee,GS1920 series doesn't support remote-mirroring, due to GS1920 is a low-end device.However, good news that there is a workaround to achieve your goal.Based on your description, I assume that your topology is relatively close to mine.Objective:PCA would like to mirror the packet from the server that connected to SW2.Workaround:Procedure:Switch 1:1. Check the Active box to enable mirror and configure port 7 as the monitor port.
Advanced application > Mirroring
2. Configure classifier, check the Active, Log & Count box to able to verify if the classifier had been hit then input the trunk number that you configure (Ex: T1) and VLAN200 for remote-mirror VLAN.
Advanced application > Classifier
3. Configure a policy rule for the created classifier, check the active box and choose the classifier. Then at the Action outgoing category check the “Send the packet to the mirror port”.
Advanced application > Policy ruleConfiguration Switch 1:Switch 2:1. Create a VLAN200 for remote-mirroring, add port 1 & 2 to be VLAN200 members. Then click add to apply the configuration.Advanced application > VLAN > VLAN Configuration > Static VLAN setup
2. Configure PVID 200 for port 4 to flood the mirrored packet from port 3 to VLAN200.Advanced application > VLAN > VLAN Configuration > Static VLAN setup > VLAN port setup
3. Check the Active box to enable mirror and configure port 3 as the monitor port then check port 8 to be mirrored and set both for direction.Advanced application > Mirroring
4. Activate port security and disable address learning for port 4 so that it will flood the mirrored packet.Advanced application > Port security
Configuration Switch 2:
Test Result:
1. Use ping to create an ICMP packet from the server to desktop.
2. Open Wireshark on PCA, you will see that ICMP packet of desktop and server will all be mirrored to PCA through VLAN200.
Zyxel_Jonas
https://us.v-cdn.net/6029482/uploads/78HOOSV0BUBI/240828-nebula-27s-intentcommunity-homepage-1920-x-400.jpgDon't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L
0 -
Hi Jonas,thank you for the clarification and your workaround.I will try that. I also thought about how to solve my problem and maybe I will go with two adapters on my Wireshark PC. On will be connected to Switch 1 and the other one to Switch 2.But I wonder that GS1920 does not have remote mirroring feature but my previous switch GS1910-24 had it? Both are low-end Switches, right?Thank you for your help.Regards,Jochen0
-
Hi Jochen @letssee,It's my pleasure.Yes, GS1910 and GS1920 series are both low-end switches.But unfortunately, the chipset of GS1920 doesn't support remote-mirroring, kindly apply the workaround to achieve the goal.Hope it helps.Zyxel_Jonas
https://us.v-cdn.net/6029482/uploads/78HOOSV0BUBI/240828-nebula-27s-intentcommunity-homepage-1920-x-400.jpgDon't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight