You need to add it also on cat 4.
monitor session 1 source vlan 24 monitor session 1 dest remote vlan 224 With regards Kings On Fri, Sep 10, 2010 at 1:23 PM, Jimmy Larsson <[email protected]> wrote: > Hello > > In wb2 lav 11 task 3.1 we are told to monitor vlan 24 in the IPS. This vlan > exists active in at least Ca3 and Cat4, and the ips interface is connected > to Cat4. The solution from DSG is this: > > cat3: > vlan 224 > remote-span > ! > monitor sess 1 sour vlan 24 both > monitor sess 1 dest remote vlan 224 > > cat4: > vlan 224 > remote-span > ! > moni session 1 source remote vlan 224 > moni session 1 dest int fa0/15 > > But this will only bring traffic from vlan24 in cat3 to the ips, right? > What happens with traffic in cat4 vlan24 (like asa2 e0/0 which is in vlan24 > on cat4 fa0/10), this traffic will never be seen on ips. Do we still comply > with requirements to monitor Vlan24? > > Or would the solution be to also add this to cat4: > > moni session 1 source vlan 24 > moni session 1 dest remote vlan 224 > > Please enlighten me. :-) > > /Jimmy > > -- > ------- > Jimmy Larsson > Ryavagen 173 > s-26030 Vallakra > Sweden > http://blogg.kvistofta.nu > ------- > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
