cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable

Web Sense and port mirroring

Jump to solution

     My customer is trying to use Web Sense to Monitor/Block internet traffic through a 1224ST. Port 24 of 1224 is the source port connected to internet access router and port 17 is the destination port hooked up to the Web Sense server (ADP provided). ADP is saying they can not collect data off Port 17 because the Adtran is tagging the packets with VLAN info. All we need to be able to monitor is VLAN 1 traffic. What do I need to do in my setup to strip the VLAN tag so Web Sense can collect the data.Current config as follows.

!

! ADTRAN, Inc. OS version 13.08.00

! Boot ROM version 12.02.00

! Platform: NetVanta 1224ST PWR, part number 1200584L1

!

!

clock timezone -5-Eastern-Time

ip name-server 192.168.2.70 192.168.2.5

ip default-gateway 10.2.2.254

!

no auto-config

!

event-history on

no logging forwarding

no logging email

logging email priority-level info

!

!

vlan 1

  name "Default"

vlan 2

  name "Voice VLan Phone"

vlan 3

  name "Voice VLan Servers & Switches"

vlan 4

  name "LV3 MPLS Interface"

vlan 5

  name "SIP Trunks"

!

interface eth 0/1

  no shutdown

  switchport mode trunk

!

interface eth 0/2

  no shutdown

  switchport mode trunk

!

interface eth 0/3

  no shutdown

  switchport mode trunk

!

interface eth 0/4

  no shutdown

  switchport mode trunk

!

interface eth 0/5

  no shutdown

  switchport mode trunk

!

interface eth 0/6

  no shutdown

  switchport mode trunk

!

interface eth 0/7

  no shutdown

  switchport mode trunk

!

interface eth 0/8

  no shutdown

  switchport mode trunk

!

interface eth 0/9

  no shutdown

  switchport access vlan 3

!

interface eth 0/10

  no shutdown

  switchport mode trunk

!

interface eth 0/11

  no shutdown

  switchport access vlan 5

!

interface eth 0/12

  no shutdown

  switchport mode trunk

!

interface eth 0/13

  no shutdown

  switchport mode trunk

!

interface eth 0/14

  no shutdown

  switchport mode trunk

!

interface eth 0/15

  no shutdown

  switchport mode trunk

!

interface eth 0/16

  no shutdown

  switchport mode trunk

!

interface eth 0/17

  no shutdown

!

interface eth 0/18

  no shutdown

  switchport mode trunk

!

interface eth 0/19

  no shutdown

  switchport mode trunk

!

interface eth 0/20

  no shutdown

  switchport access vlan 3

!

interface eth 0/21

  no shutdown

  switchport access vlan 3

!

interface eth 0/22

  no shutdown

  switchport access vlan 3

!

interface eth 0/23

  speed 100

  no shutdown

  switchport access vlan 4

!

interface eth 0/24

  no shutdown

  switchport mode trunk

!

!

interface gigabit-eth 0/1

  no shutdown

  switchport mode trunk

!

interface gigabit-eth 0/2

  no shutdown

  switchport mode trunk

!

!

interface vlan 3

  ip address  10.2.2.11  255.255.255.0

  no shutdown

!

!

monitor session 1 destination interface ethernet 0/17 no-tag

monitor session 1 source interface ethernet 0/24 both

!

!

end

Labels (1)
0 Kudos
1 Solution

Accepted Solutions
jayh
Honored Contributor
Honored Contributor

Re: Web Sense and port mirroring

Jump to solution

Have you tried:

no monitor session 1 source interface ethernet 0/24 both

monitor session 1 source interface vlan 1 [both]

Not in front of a switch right now so I don't know if the both keyword is applicable to a source VLAN.

View solution in original post

0 Kudos
3 Replies
jayh
Honored Contributor
Honored Contributor

Re: Web Sense and port mirroring

Jump to solution

Have you tried:

no monitor session 1 source interface ethernet 0/24 both

monitor session 1 source interface vlan 1 [both]

Not in front of a switch right now so I don't know if the both keyword is applicable to a source VLAN.

0 Kudos
Anonymous
Not applicable

Re: Web Sense and port mirroring

Jump to solution

- Do you still need assistance with this issue?

Thanks,

Noor

Anonymous
Not applicable

Re: Web Sense and port mirroring

Jump to solution

a_fuller:

I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it, and select another in its place, with the applicable buttons. 

Thanks,

Levi