Remote Port Mirroring on GS1920-24
In the menu, I can only find local mirroring but nothing about remote mirroring?
Thank you
Regards,
letssee
All Replies
-
Hi @letssee,GS1920 series doesn't support remote-mirroring, due to GS1920 is a low-end device.However, good news that there is a workaround to achieve your goal.Based on your description, I assume that your topology is relatively close to mine.Objective:PCA would like to mirror the packet from the server that connected to SW2.Workaround:Procedure:Switch 1:1. Check the Active box to enable mirror and configure port 7 as the monitor port.
Advanced application > Mirroring
2. Configure classifier, check the Active, Log & Count box to able to verify if the classifier had been hit then input the trunk number that you configure (Ex: T1) and VLAN200 for remote-mirror VLAN.
Advanced application > Classifier
3. Configure a policy rule for the created classifier, check the active box and choose the classifier. Then at the Action outgoing category check the “Send the packet to the mirror port”.
Advanced application > Policy ruleConfiguration Switch 1:Switch 2:1. Create a VLAN200 for remote-mirroring, add port 1 & 2 to be VLAN200 members. Then click add to apply the configuration.Advanced application > VLAN > VLAN Configuration > Static VLAN setup
2. Configure PVID 200 for port 4 to flood the mirrored packet from port 3 to VLAN200.Advanced application > VLAN > VLAN Configuration > Static VLAN setup > VLAN port setup
3. Check the Active box to enable mirror and configure port 3 as the monitor port then check port 8 to be mirrored and set both for direction.Advanced application > Mirroring
4. Activate port security and disable address learning for port 4 so that it will flood the mirrored packet.Advanced application > Port security
Configuration Switch 2:
Test Result:
1. Use ping to create an ICMP packet from the server to desktop.
2. Open Wireshark on PCA, you will see that ICMP packet of desktop and server will all be mirrored to PCA through VLAN200.
Jonas0 -
Hi Jonas,thank you for the clarification and your workaround.I will try that. I also thought about how to solve my problem and maybe I will go with two adapters on my Wireshark PC. On will be connected to Switch 1 and the other one to Switch 2.But I wonder that GS1920 does not have remote mirroring feature but my previous switch GS1910-24 had it? Both are low-end Switches, right?Thank you for your help.Regards,Jochen0
-
Hi Jochen @letssee,It's my pleasure.Yes, GS1910 and GS1920 series are both low-end switches.But unfortunately, the chipset of GS1920 doesn't support remote-mirroring, kindly apply the workaround to achieve the goal.Hope it helps.Jonas0
Categories
- All Categories
- 347 Beta Program
- 2.1K Nebula
- 114 Nebula Ideas
- 77 Nebula Status and Incidents
- 5K Security
- 44 USG FLEX H Series
- 246 Security Ideas
- 1.2K Switch
- 65 Switch Ideas
- 901 WirelessLAN
- 33 WLAN Ideas
- 5.8K Consumer Product
- 204 Service & License
- 326 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.8K FAQ
- 831 Nebula FAQ
- 401 Security FAQ
- 219 Switch FAQ
- 190 WirelessLAN FAQ
- 45 Consumer Product FAQ
- 136 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 71 About Community
- 61 Security Highlight