Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Cannot get port mirroring working to the web filter

nero_64
Occasional Contributor

Cannot get port mirroring working to the web filter

Hi,

I have a 4104GL switch and have set monitoring on A16 port which is the uplink to the cisco router. I want to monitor webpage requests inbound and outbound and then send to the web filter server which is located off port A13. The web filter seems to see the webpages but it doesn't block any.

Is there something wrong with the config. I know the switch is a 4104 and it doesn't support more advanced monitorting features using monitoring groups and vlans etc but it still should be able to work.

See config below:

hostname "HP ProCurve Switch 4104GL"
cdp run
mirror-port A13
module 1 type J4908A
module 2 type J4908A
interface A1
speed-duplex 100-full
exit
interface A16
speed-duplex 100-full
exit
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged A21-A22,B21-B22
no ip address
tagged A1,A16
no untagged A2-A15,A17-A20,B1-B20
exit
vlan 2
name "DMZ"
tagged A1,A16
exit
vlan 3
name "DATA-VLAN"
untagged A2-A15,A17-A20,B1-B20
ip address 10.10.0.28 255.255.255.0
tagged A1,A16
exit
vlan 4
name "VOICE-VLAN"
tagged A1,A16
exit
vlan 5
name "TEST-VLAN"
tagged A1,A16
exit
interface A16
monitor
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
password xxxxx
password xxxxx

help would be appreciated. Thanks

1 REPLY
Kevin Richter_1
Valued Contributor

Re: Cannot get port mirroring working to the web filter

Port monitoring on a 4100gl series switch is INGRESS only. There are some crude workarounds that have been devised back when no other alternatives were available. For your circumstances, I strongly recommend using a different switch to perform the port monitoring you desire.
Check the cabling. Next, check the cabling again.