VLAN traffic is not captured when setting up the port mirror.
sonicwall_beta_user
Newbie
I set up the port mirror on the SWS switch using the following procedure.
1. Navigate to Switching > Port mirroring
2. Edit any of the session id
3. Enable the session state
4 .In the destination port select the port you want all the traffic mirrored to, in your case port 4
5. In the Src TX ports and Src RX ports, select all the ports you need the traffic mirrored from, you can separate the ports with commas or - for a continuous range (i.e. "1-3,5,8-9").
6. Select the ingress state as enabled.
However, it was confirmed that only traffic on the same VLAN port as the Destination port was forwarded.
(ex, If you hold the destination port as 7, only VLAN traffic corresponding to number 7 is visible, and traffic from other VLANs is not visible. )
If there are multiple VLANs, is there anything else I need to do regarding the port mirror setting?
Answers
I wouldn't use a destination port that has been configured for anything. You should be using an unconfigured port as the destination. Disclaimer I dont use Sonicwall switches.
I did the test in two ways.
1. Dest port 19 / Source 1-16
Result -->> Non packet capture
2. Dest port 16 / Source 1-16
Result --> Packet capture only VLAN113 (VLAN to which the port belongs)
Is this bug? or My mistake?
You cant (really shouldnt) have a destination port that is also a source (your second example).
I'd try something more simple first, a 1 to 1 mirror (e.g. source port 1, destination port 19). How are you verifying the capture? Wireshark?
The reason for port mirror is to introduce NAC equipment. Do you know a product called "Forescout"?
We are setting up a port mirror for the introduction of the product. The device is not capturing packets.
Port mirroring is port mirroring, no matter what product the traffic ends up in... my previous comment is still relevant.