EasyManua.ls Logo

Check Point QUANTUM SPARK 1600 - Mirror Port; To configure a mirror port; Physical Interfaces

Check Point QUANTUM SPARK 1600
332 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuring the Local Network
Quantum Spark 1500, 1600, and 1800 Appliances R81.10.X Locally Managed Administration Guide|87
If you do not see the Monitor Mode option:
1. Run this command in Gaia Clish:
set monitor-mode-configuration allow-monitor-mode true
2. Select an interface in WebUI and click Edit.
Monitor Mode is now added to the options list.
For more information on monitor mode, see sk112572.
Mirror Port
All traffic that goes through one or more LAN ports of the appliance can be duplicated into one designated
mirror port. For example, all traffic that passes through LAN1 and LAN2 is duplicated into LAN5, which is
configured as the mirror port. You can only configure one mirror port at a time.
Use Case If an external device is connected to the mirror port, it receives all traffic that goes through
LAN1/LAN2 of the appliance. This enables you to monitor traffic that goes through the appliance from the
external device.
The mirror port is the opposite of the existing monitor port feature, in which the traffic from an external
source such as a network switch or router goes into the (WAN) port of the appliance, so the appliance can
inspect the traffic going through the external source.
To configure a mirror port:
To configure a mirror port:
1. In the Device > Local Network page, select the designated mirror port and unassign it:
a. Click Edit.
The Edit LAN window opens.
b. In the Configuration tab, in the Assigned to field, select Unassigned.
c. Click Apply
2. In the Local Network table, select the LAN port you want to duplicate and click Edit.
The Edit LAN window opens.
3. In the Port Mirroring section of the Advanced tab, select the checkbox Assign to mirror port.
4. In the Port field, select the mirror port from the drop-down menu.
5. Click Apply.
6. In the Local Network table, right-click the mirror port and click Enable.
7. Repeat for each LAN port you want to duplicate in the mirror port.
Physical Interfaces
To edit a physical interface:
Configure the fields in the tabs. Note that for the DMZ there is an additional tab Access Policy:
The 'Configuration' tab

Table of Contents

Other manuals for Check Point QUANTUM SPARK 1600

Preview: Getting Started Guide
Getting Started Guide53 pages

Related product manuals