Sorry for the newbie question but I'm currently setting up a lab in my office, and I'm a Cisco beginner. Everything is configured properly I believe. My management interfaces are talking back to SiteProtector correctly (push policies, active status, etc) and I have a router between both VLANs that is properly routing the traffic between both VLANs on the same switch. My sensors, Proventia G & A, can talk to the SiteProtector, but I can't get a SPAN port to work properly. The line protocol goes down on the dest SPAN port interface after setting up two source SPAN ports and I assign the dest SPAN port that is directly connected to the monitoring interface of the appliances. My dest SPAN port is in the VLAN of both source SPAN ports and igmp snooping is globally disabled. I presume this is why I can't get any traffic and no events are being detected when I run nmap or Internet Scanner scans. Also the switch is a Cisco 2950. Any help would be highly appreciative.
Benny Castaldo Senior Security Engineer DS/SI/IS Comm: 571-345-3091 _______________________________________________ ISSForum mailing list [email protected] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
