Hua switch configuration port image

Background: A company installs an intranet access device, configures port image on the core switch, mirrors the intranet incoming and outgoing traffic to the access device monitoring port for behavior monitoring, sends reset message to block when the traffic comes from untrusted terminals, and redirects the http request of untrusted terminals to the access device, The terminal is required to install the access client for authentication before it is allowed to access the network.

Configuration idea: configure a local observation port, which is connected with the monitoring port of the access device, and copy the port traffic to be monitored to the interface.

Operation steps

1. Log in to the switch using the Telnet or Console port.

2. Configure local observation port (23 ports are configured here as local observation ports)

 <Huawei> system-view [Huawei] observe-port 1 interface Gigabitethernet 0/0/23

3. Configure the port image, and copy the port traffic that needs to be monitored and to the observation port (The GE0/0/1-6 ports are configured here as image ports)

 [Huawei] interface Gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] port-mirroring to observe-port 1 both [Huawei-GigabitEthernet0/0/1] quit [Huawei] interface Gigabitethernet 0/0/2 [Huawei-GigabitEthernet0/0/2] port-mirroring to observe-port 1 both [Huawei-GigabitEthernet0/0/2] quit [Huawei] interface Gigabitethernet 0/0/3 [Huawei-GigabitEthernet0/0/3] port-mirroring to observe-port 1 both [Huawei-GigabitEthernet0/0/3] quit [Huawei] interface Gigabitethernet 0/0/4 [Huawei-GigabitEthernet0/0/3] port-mirroring to observe-port 1 both [Huawei-GigabitEthernet0/0/3] quit

4. Verify Configuration

View the configuration of the observation port

 [Huawei] display observe-port ---------------------------------------------------------------------- Index : 1 Untag-packet : No Interface : GigabitEthernet0/0/23 ----------------------------------------------------------------------

View the port image configuration:

 [Huawei] display port-mirroring ---------------------------------------------------------------------- Observe-port 1 : GigabitEthernet23/0/4 ---------------------------------------------------------------------- Port-mirror: ---------------------------------------------------------------------- Mirror-port Direction Observe-port ---------------------------------------------------------------------- 1 GigabitEthernet0/0/1 Inbound  Observe-port 1 2 GigabitEthernet0/0/1 outbound Observe-port 1 3 GigabitEthernet0/0/2 Inbound  Observe-port 1 4 GigabitEthernet0/0/2 outbound Observe-port 1 5 GigabitEthernet0/0/3 Inbound  Observe-port 1 6 GigabitEthernet0/0/3 outbound Observe-port 1 7 GigabitEthernet0/0/4 Inbound  Observe-port 1 8 GigabitEthernet0/0/4 outbound Observe-port 1 ----------------------------------------------------------------------

After the configuration is completed, remember to save it after the successful configuration. Don't ask me how I know it (ノ๑)` ȏ ´๑)ノ︵ ⌨。

This article is published at: yingfeng Blog >> Hua switch configuration port image , please indicate the source for reprinting.