Example: Configuring Layer 2 Port Mirroring To Remote Vlan - Juniper EX9200 Features Manual
Port mirroring feature guide ex series
Hide thumbs
Also See for EX9200:
- Features manual (342 pages) ,
- Manual (118 pages) ,
- Overview manual (72 pages)
Table of Contents
Advertisement
Related
Documentation
Example: Configuring Layer 2 Port Mirroring to Remote VLAN
Copyright © 2016, Juniper Networks, Inc.
For example, create a firewall filter called
and
, and assign the
to-analyzer
instance:
Create the first term to define the traffic that should not pass through to the
a.
port-mirroring instance
[edit firewall family ethernet-switching]
user@switch# set filter (Firewall Filters) example-filter term no-analyzer from
source-address 192.0.2.14
[edit firewall family ethernet-switching]
user@switch# set filter example-filter term no-analyzer from protocol tcp
[edit firewall family ethernet-switching]
user@switch# set filter example-filter term no-analyzer then accept
Create the second term to define the traffic that should pass through to the
b.
port-mirroring instance
[edit firewall family ethernet-switching]
user@switch# set filter example-filter term to-analyzer from destination-port 80
[edit firewall family ethernet-switching]
user@switch# set filter example-filter term to-analyzer then port-mirror-instance
employee–monitor
[edit firewall family ethernet-switching]
user@switch# set filter example-filter term to-analyzer then accept
Apply the firewall filter to an interface or VLAN that provides input to the port-mirroring
3.
instance.
To apply a firewall filter to an interface:
[edit]
user@switch# set interfaces interface-name unit 0 family ethernet-switching filer (input |
output) filter-name
To apply a firewall filter to a VLAN:
[edit]
user@switch# set vlan (vlan-ID or vlan-name) filter (input | output) filter-name
For example, to apply the
[edit]
user@switch# set interfaces ge-0/0/1 unit 0 family ethernet-switching filter input
example-filter
For example, to apply the
[edit]
user@switch# set vlan source-vlan filter input example-filter
Example: Configuring Layer 2 Port Mirroring to Remote VLAN on page 83
Layer 2 Port Mirroring to Remote Destination by Using Destination as VLAN on page 81
EX9200 switches enable you to configure mirroring to send copies of packets to either
a local interface for local monitoring or to a VLAN for remote monitoring. You can use
mirroring to copy these packets:
Packets entering or exiting a port
Chapter 9: Port Mirroring for Remote Destinations
example-filter
term to the
to-analyzer
:
employee-monitor
:
employee-monitor
firewall filter to the ge-0/0/1 interface:
example-filter
example-filter
filter to the
source-vlan
with two terms
no-analyzer
port-mirroring
employee-monitor
VLAN:
83
Advertisement
Table of Contents
