Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 29 subscribers
  • Views 960 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SophosXG v19.0: how to config PortC for specific VLAN for mirrored port?

Steve Bottoms

Hi, all!  Installed XG v19.0 under VMware 7 platform; currently mirroring single VLAN (verified traffic on Procurve switch port). TAP set up on PortC.  Trying to understand how PortC is assigned to the dedicated NIC we installed in the VMware host for this purpose. PortC is clearly not getting any of the traffic that I've verified is coming though the switch port (mirror). Something is clearly not lashed up correctly.

Are there any tools on the XG firewall that'll let me observe the traffic coming across PortC (ala Wireshark)?  I don't see anything in the docs to indicate how to "connect" PortC to be used.

Suggestions for COHERENT documentation welcome (not vague blogs that don't contain real info).

Thanks.

SteveB



This thread was automatically locked due to age.
Parents
  • 0

    Hi, all!  Installed XG v19.0 under VMware 7 platform; currently mirroring single VLAN (verified traffic on Procurve switch port). TAP set up on PortC.  Trying to understand how PortC is assigned to the dedicated NIC we installed in the VMware host for this purpose. PortC is clearly not getting any of the traffic that I've verified is coming though the switch port (mirror). Something is clearly not lashed up correctly.

    Are there any tools on the XG firewall that'll let me observe the traffic coming across PortC (ala Wireshark)?  I don't see anything in the docs to indicate how to "connect" PortC to be used.

    Suggestions for COHERENT documentation welcome (not vague blogs that don't contain real info).

    Thanks.

    SteveB

    You can use the option 5-3 from the console and run ifconfig PortC, if RX is increasing based you your I/O traffic then it's all set.

    You can also do a tcpdump -ni PortC to listen only on PortC traffic.

    Via GUI you can use Diagnostics > Packet Capture and use TCPDUMP filters.

    a

Reply
  • 0

    Hi, all!  Installed XG v19.0 under VMware 7 platform; currently mirroring single VLAN (verified traffic on Procurve switch port). TAP set up on PortC.  Trying to understand how PortC is assigned to the dedicated NIC we installed in the VMware host for this purpose. PortC is clearly not getting any of the traffic that I've verified is coming though the switch port (mirror). Something is clearly not lashed up correctly.

    Are there any tools on the XG firewall that'll let me observe the traffic coming across PortC (ala Wireshark)?  I don't see anything in the docs to indicate how to "connect" PortC to be used.

    Suggestions for COHERENT documentation welcome (not vague blogs that don't contain real info).

    Thanks.

    SteveB

    You can use the option 5-3 from the console and run ifconfig PortC, if RX is increasing based you your I/O traffic then it's all set.

    You can also do a tcpdump -ni PortC to listen only on PortC traffic.

    Via GUI you can use Diagnostics > Packet Capture and use TCPDUMP filters.

    a

Children
No Data
Unfiltered HTML