Sorry Jimmy My command syntax was slightly wrong I think .Kingsley's command is correct.
Thanks and regards Yogesh Gawankar --- On Fri, 9/10/10, Jimmy Larsson <[email protected]> wrote: From: Jimmy Larsson <[email protected]> Subject: Re: [OSL | CCIE_Security] rspan? To: "Yogesh Gawankar" <[email protected]> Cc: "Kingsley Charles" <[email protected]>, "OSL Security" <[email protected]> Date: Friday, September 10, 2010, 9:05 PM King: So, why is this not in the DSG? Yogesh: You cant specify more than one source per session, but you can have multiple sessions with a common destination (i believe)... /Jimmy 2010/9/10 Yogesh Gawankar <[email protected]> Don't we mean moni session 1 source remote vlan 224 , vlan 24 moni session 1 dest int fa0/15 or am I missing something? Thanks and regards Yogesh Gawankar --- On Fri, 9/10/10, Kingsley Charles <[email protected]> wrote: From: Kingsley Charles <[email protected]> Subject: Re: [OSL | CCIE_Security] rspan? To: "Jimmy Larsson" <[email protected]> Cc: "OSL Security" <[email protected]> Date: Friday, September 10, 2010, 8:56 PM You need to add it also on cat 4. monitor session 1 source vlan 24 monitor session 1 dest remote vlan 224 With regards Kings On Fri, Sep 10, 2010 at 1:23 PM, Jimmy Larsson <[email protected]> wrote: Hello In wb2 lav 11 task 3.1 we are told to monitor vlan 24 in the IPS. This vlan exists active in at least Ca3 and Cat4, and the ips interface is connected to Cat4. The solution from DSG is this: cat3: vlan 224 remote-span ! monitor sess 1 sour vlan 24 both monitor sess 1 dest remote vlan 224 cat4: vlan 224 remote-span ! moni session 1 source remote vlan 224 moni session 1 dest int fa0/15 But this will only bring traffic from vlan24 in cat3 to the ips, right? What happens with traffic in cat4 vlan24 (like asa2 e0/0 which is in vlan24 on cat4 fa0/10), this traffic will never be seen on ips. Do we still comply with requirements to monitor Vlan24? Or would the solution be to also add this to cat4: moni session 1 source vlan 24 moni session 1 dest remote vlan 224 Please enlighten me. :-) /Jimmy -- ------- Jimmy Larsson Ryavagen 173 s-26030 Vallakra Sweden http://blogg.kvistofta.nu ------- _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com -----Inline Attachment Follows----- _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com -- ------- Jimmy Larsson Ryavagen 173 s-26030 Vallakra Sweden http://blogg.kvistofta.nu -------
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
