EasyManua.ls Logo

Cisco Catalyst 4500 Series - Configuring Access List Filtering

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
66-14
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 66 Configuring SPAN and RSPAN
Packet Type Filtering
IP and IPv6 ACLs are supported on SPAN sessions.
Configuring Access List Filtering
To configure access list filtering, perform this task:
Note IP and IPv6 access lists must be created in configuration mode as described in the chapter “Configuring
Network Security with ACLs.
This example shows how to configure IP access group 10 on a SPAN session and verify that an access
list has been configured:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# monitor session 1 source interface fa6/1 both
Switch(config)# monitor session 1 destination interface fa6/2
Switch(config)# monitor session 1 filter vlan 1
Switch(config)# monitor session 1 filter ip access-group 10
Switch(config)# exit
Switch# show monitor
Session 1
---------
Type : Local Session
Source Ports :
Both : Fa6/1
Destination Ports : Fa6/2
Encapsulation : Native
Ingress : Disabled
Learning : Disabled
Filter VLANs : 1
IP Access-group : 10
Packet Type Filtering
When configuring a SPAN session, you can specify packet filter parameters similar to VLAN filters.
When specified, the packet filters indicate types of packets that may be sniffed. If no packet filters are
specified, packets of all types may be sniffed. Different types of packet filters may be specified for
ingress and egress traffic.
Command Purpose
Switch(config)# [no] monitor session
{session_number} filter {ip | ipv6}
access-group [name | id] }{vlan vlan_IDs
[, | - ] } | {packet-type {good | bad}}
| {address-type {unicast | multicast |
broadcast} [rx | tx | both]}
Specifies filter sniffing based on the access list.
For session_number, specify the session number
identified with this SPAN session (1 through 6).
You can specify either a name or a numeric ID for the
access list.
For name, specify the IP access list name.
For id, specify a standard (1 to 199) or extended
(1300-2699) IP access list.

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals