1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Software
  5. JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE...
  6. Configuration manual

Example: Configuring Cli-Based User-Specific Mirroring - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04 Configuration Manual

Software for e series broadband services routers policy management configuration guide
Hide thumbs Also See for JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04:
Table of Contents

Advertisement

Example: Configuring CLI-Based User-Specific Mirroring

Copyright © 2010, Juniper Networks, Inc.
about the prepended mirror header. The classifier-group command uses a previously
configured classifier list, secClassA.
host1:vr1(config)#secure ip policy-list secureIpPolicy1
host1:vr1(config-policy-list)#classifier-group secClassA
host1:vr1(config-policy-list-classifier-group)#mirror analyzer-ip-address 192.168.125.29
analyzer-virtual-router vr1
Attach the secure policy to the interfaces whose traffic you want to mirror. This
4.
example mirrors input traffic at interface ATM 5/0.1 and output traffic at interface
ATM 5/0.2.
host1:vr1(config)#interface atm 5/0.1
host1:vr1(config-if)#ip policy secure-input secureIpPolicy1
host1:vr1(config)#interface atm 5/0.2
host1:vr1(config-if)#ip policy secure-output secureIpPolicy1
Verify the secure policy configuration.
5.
host1# show secure policy-list name secureIpPolicy1
Secure IP Policy secureIpPolicy1
Administrative state: enable
Reference count:
Classifier control list: secClassA
mirror analyzer-ip-address 192.168.125.29 analyzer-virtual-router vr1
Referenced by interface(s):
ATM5/0.1
secure-input policy, virtual-router vr1
ATM5/0.2
secure-output policy, virtual-router vr1
This example shows the configuration of a CLI-based packet mirroring session for
subscribers. . The mirroring session replicates all traffic associated with each user, and
then sends the replicated traffic to the analyzer device.
Enable the visibility and use of the packet mirroring CLI commands.
1.
host1#mirror-enable
Create the analyzer interface and the route to the analyzer device.
2.
For L2TP subscribers:
host1(config)# interface tunnel ipsec:mirror3 transport-virtual-router default
host1(config-if)#ip analyzer
host1(config-if)#exit
host1(config)#ip route 192.168.99.2 255.255.255.255 tunnel ipsec:mirror3
For DHCP and PPP subscribers:
host1(config)# interface atm 4/0.1
host1(config-if)#ip address 19.0.0.2 255.255.255.0
host1(config-if)#ip analyzer
host1(config-if)#exit
host1(config)#ip route 19.0.0.2 255.255.255.255 101.101.101.2
Chapter 11: Configuring CLI-Based Packet Mirroring
Policy Table
------ -----
2
229

Advertisement

Table of Contents
loading

Related Manuals for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04

Related Content for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04

This manual is also suitable for:

Junose 11.3

Table of Contents