Cisco ASA: Firewall rule testing before deployment

Introduction You want to segregate the network between users and servers network. Both the users and servers network is using the same subnet 192.168.20.0/24, to reduce the changes while implementing firewall and to test the firewall before it is deployed in between users and servers you have decided to do the following: 1. Use transparent … Continue reading Cisco ASA: Firewall rule testing before deployment →

SPAN and VSPAN demonstration

VSPAN monitor session 1 source vlan 1 rx monitor session 1 destination interface Fa0/22 Cat3550 has its limitation of only monitoring traffic received by Vlan. The destination port is at fa0/22. I connected my pc to fa0/22 and turned on wireshark, meanwhile my pc at fa0/21 is pinging to Vlan 1 ip address 10.10.10.1. From … Continue reading SPAN and VSPAN demonstration →

Characteristics of VSPAN

Recently I am doing mass configuration of WS3750-24G switches. The final configuration is different from the initial configuration which I have done for the PoC. Customer has wanted a VSPAN and want to be monitored from interface gi1/0/21 to 22, I studied my colleague's configuration and found that the destination ports are within the same … Continue reading Characteristics of VSPAN →

SPAN

2950-1(config)#monitor session 1 source interface fa0/9 - 24 both 2950-1(config)#monitor session 1 destination interface fa0/8 Wow... WS-2950-24-TS can really monitor so many ports on both directions? My WS-3550-24TS cannot do this... it can only allow one physical to be monitored on both direction....