I asked questions before about monitoring network traffic
I asked questions before about monitoring network traffic at home. I now have the system laid out like this: cable modem feeds into Linksys#1 wireless router, not going to use wireless on it though. Linksys#1 feeds into cisco catalyst 2960C. Other devices plug into cisco catalyst 2960C including an Asus wireless router. Everything seems to have internet access now. I don't know how to login the cisco to set up the "span session" or whatever it takes to capture network traffic.
I have another pc plugged into the cisco that will monitor traffic. That pc also has wifi built in and is connected wireless so hopefully I can remote into it to check traffic.
Hi. My name is ***** ***** I can help you set up a span session on your switch. Once set up, whatever you plug into the span session port should be able to see all of your traffic that passes through your 2960C switch which, from what you describe, should be everything. Internet, wired, and wireless.
The basics are:
This example shows how to set up SPAN session 1 for monitoring source port traffic to a destination port. First, any existing SPAN configuration for session 1 is deleted, and then bidirectional traffic is mirrored from source Gigabit Ethernet port 1 to destination Gigabit Ethernet port 2, retaining the encapsulation method.
Switch(config)# no monitor session 1
Switch(config)# monitor session 1 source interface gigabitethernet1/0/1
Switch(config)# monitor session 1 destination interface gigabitethernet1/0/2 encapsulation replicate
This example shows how to remove port 1 as a SPAN source for SPAN session 1:
Switch(config)# no monitor session 1 source interface gigabitethernet1/0/1
Complete information is found in the Cisco documentation here:
Please note if you are not running version 15 code on your switch, the commands might be a little different. Thus if they don't work, please let me know which version of code you are running and I'll try and dig up the docs for your specific version.
Please let me know if you have questions and how it goes.
Ok, but I don't know how to log in the switch or get to those settings. Since I have 3 switches now, I have no idea what the ip addresses are for the switches. I assume I log in the cisco by typing the ip in the address bar and I can configure it that way?
Well that's a tough one. The switches only have IP addresses if someone created switch interfaces and configured IP addresses. Then you also have to configure the switches for access either via telnet or ssh.
So short of that, you can access your switches via their console port and the blue, Cisco serial cable. If you know how to do that AND know the enable password (if configured), then you should be able to access the CLI.
Which ever one you configure as the span port. You can use any one you want.
Just checking in to see if you were able to create your span port. Do you have any further questions?
I just got to the point where I could connect to it. I am going to try to get it working this weekend. I defaulted it a couple of times but it will not pass internet through it to my wifi router. I bypass it and get internet but put it back in and no internet. I'm still pretty lost on configuration. I'm a robot programmer by trade for 25+ years so I know the language, just too many options that I don't know what they are. I was going to focus on getting internet through it before I try to get advanced with it.
By "defaulted it" do you mean reset the switch to factory default settings? If that's what you did, when you connect devices to your Catalyst switch, do you get link lights on the switch? The reason I ask is that I think by default, the switch ports are shut down and you have to enable them.
yes, factory default. I did see in the configuration where to assign ports to a certain function. I had a router behind it and I could see the devices through the switch but no internet. Hopefully I will get it working this weekend.
OK, thanks. I have to be the last one to reply to a thread or the system keeps telling me I have customers waiting.
Let me know how it goes this weekend and I'll attempt to answer any questions you have.
Ok, I know a little more about it now but not much. I slightly know how to navigate in putty. I have a friend that will remote in to set up the span if needed but the problem is that I can't do the basic config to add the switch in line. I have internet now but if I add the switch between modem and router, internet goes away. Of course I rebooted everything but no luck.
I will only use 3 ports if I can't figure out how to make it dhcp. One from modem, one to router, one to sniffing pc. I would love to use the other ports for other pcs but a friend said only use the 3 ports.
Have you been able to get into "enabled" mode? That's the privileged mode on the switch. To enter it, simply type "enable" at the command prompt and enter the password ***** required.
Once there, please give me the output of "show run". It will be a bunch of text and will show me your complete switch configuration. I don't use putty but there should be a way to capture the output as a log file. Then you can save it to your PC and attach it to this chat.
I'll look that over and see if I can give you the exact commands you need.
Switch#show runBuilding configuration...
Current configuration : 791 bytes!version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname Switch!boot-start-markerboot-end-marker!!!!no aaa new-modelsystem mtu routing 1500
There should be a lot more. For example, I should see all of the ports listed and their configurations. That's the part in which I'm most interested. Can you capture it, put it in a notepad file with "word wrap" off (it's in "format"), and then attach it using the paperclip icon just above this chat box?
I turned on logging, mapped the file to the desktop, chose all session output, but don't know how to get it to the document. I just copied and pasted from putty.
You should be able to click the paperclip and then choose the file.
But pasting here works too. However there should be more. Did you keep hitting the spacebar when the "more" prompt was at the bottom of the screen? You need to do that to get all of it. Looks like you just got the first screen.
You should just be able to keep hitting spacebar until the regular prompt returns. Then close your session or scroll back up and copy all of that here.
I'm going to be away for the next 12 hours or so (evening here in the Pacific Time Zone). I will look at this tomorrow. Or if you don't want to wait, I can opt out and open this up to other experts.
I could get you a file but putty isn't logging or even creating a file. I'm just ready to give up on it anyway.
Current configuration : 791 bytes!version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname Switch!boot-start-markerboot-end-marker!!!!no aaa new-modelsystem mtu routing 1500!!!!!spanning-tree mode pvstspanning-tree extend system-id!!!!vlan internal allocation policy ascending!!!interface FastEthernet0/1!interface FastEthernet0/2!interface FastEthernet0/3!interface FastEthernet0/4!interface FastEthernet0/5!interface FastEthernet0/6!interface FastEthernet0/7!interface FastEthernet0/8!interface GigabitEthernet0/1!interface GigabitEthernet0/2!interface Vlan1 no ip address shutdown!ip http serverip http secure-serverip sla enable reaction-alerts!line con 0line vty 5 15!end
See this part:
interface Vlan1no ip addressshutdown
That is where the problem is I think. Try this:
interface Vlan 1
See if that makes your switch work and let me know how it goes.
I'm curious if you were able to try my suggestion above and if that got your switch working for Internet access?