Configuration Files
l Configuration file of the Router
#
observe-port interface Ethernet
0/0/1
#
acl number 2000
rule 5 permit source 192.168.1.10
0
#
traffic classifier c1 operator
or
if-match acl
2000
#
traffic behavior
b1
mirror to observe-port
#
traffic policy
p1
classifier c1 behavior
b1
#
interface Ethernet0/0/0
traffic-policy p1
inbound
#
return
4.8.3 Example for Configuring Remote Port Mirroring
The remote port mirroring function allows you to monitor the packets on a remote device.
Networking Requirements
As shown in Figure 4-9, company A's branch network connects to Ethernet1/0/0 on the egress
gateway RouterA, and the headquarters network connects to Ethernet1/0/0 on the ingress
gateway RouterB. An observing device connects to RouterB on the headquarters network. The
observing device monitors all the packets sent from the branch network to ensure enterprise's
information security.
NOTE
The hosts on the enterprise network use private addresses; therefore, a GRE tunnel must be configured on
the public network to ensure communication.
Huawei AR150&200 Series Enterprise Routers
Configuration Guide - Device Management 4 Mirroring Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
82
To Next Page
Loading...
