Juniper EX9200 Features Manual page 101
Port mirroring feature guide ex series
Hide thumbs
Also See for EX9200:
- Features manual (342 pages) ,
- Manual (118 pages) ,
- Overview manual (72 pages)
Table of Contents
Advertisement
Mirroring Employee-to-Web Traffic for Remote Analysis
CLI Quick
Configuration
Copyright © 2016, Juniper Networks, Inc.
Figure 1 on page 85
shows the network topology for both these example scenarios.
Figure 1: Remote Mirroring Network Topology Example
In this example:
a. Interface ge-0/0/0 is a Layer 2 interface, and interface ge-0/0/1 is a Layer 2 interface
(both interfaces on the source switch) that serve as connections for employee
computers.
b. Interface ge-0/0/10 is a Layer 2 interface that connects the source switch to the
destination switch.
c. Interface ge-0/0/5 is a Layer 2 interface that connects the destination switch to the
remote monitoring station.
d. VLAN
remote-analyzer
is configured on all switches in the topology to carry the mirrored
traffic.
To configure port mirroring for remote traffic analysis of employee-to-Web traffic, perform
these tasks:
To quickly configure port-mirroring to mirror employee traffic to the external Web, copy
the following commands and paste them into the switch terminal window:
Copy and paste the following commands in the source switch terminal window:
[edit]
set forwarding-options port-mirroring instance employee-web-monitor output vlan 999
set vlans remote-analyzer vlan-id 999
set interfaces ge-0/0/10 unit 0 family ethernet-switching interface-mode access
set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members 999
set firewall family ethernet-switching filter watch-employee term employee-to-corp from
destination-address 192.0.2.16/28
set firewall family ethernet-switching filter watch-employee term employee-to-corp from
source-address 192.0.2.16/28
Chapter 9: Port Mirroring for Remote Destinations
85
Advertisement
Table of Contents
