Re: How To Mirror/Monitor T1 and VPN Traffic w/Cisco Routers?

[Matt Kettler <mkettler () evi-inc com>]

At 11:09 AM 10/4/2004, McCash, John wrote:
>         Is there a way to have a router span or mirror traffic to
> another interface the same way that a switch can? Or can it somehow
> directly copy the datastream to somewhere else on the LAN?

AFAIK the cisco IOS routers do not have any ability to do this.

Unlike a switch, where copying a packet to multiple ports is a matter of 
normal behavior, a router doesn't have the hardware to support this 
multi-copy behavior. It's also much easier to do mulit-destination when all 
your ports are the same kind of hardware and don't require different 
link-layer controls.

If your model does support it, it will likely be configured with the same 
span commands as in their switches (monitor session). It may also be 
restricted to doing this between like types of interfaces. I'd be highly 
surprised (and impressed) if cisco IOS supported mirroring traffic from a 
T1 to an ethernet card. 



-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users