JUNOSe 7.2.x Policy Management Configuration Guide
156 ! Configuring CLI-Based Packet Mirroring
Ta b l e 2 7 indicates the sequence of steps for a packet mirroring operation that is
configured for an interface or for a user who is already logged in.
CLI-Based Mirroring Procedure
To configure the CLI-based packet mirroring environment, you must coordinate the
mirroring operations of two devices in the network: the E-series router and the
analyzer device. The configuration of the analyzer device is mentioned in this
section for reference only. The actual configuration procedures depend on the
policies and guidelines established by the responsible organizations.
Configuring the Analyzer Device
The analyzer device must be configured to receive the mirrored traffic from the
E-series router’s analyzer port.
Configuring the E-series Router
To configure the router to support CLI-based packet mirroring:
1. Configure the analyzer port, the route to the analyzer device, and any static
ARP entries.
2. Allow authorized users to have access to the mirror-enable command. The
users can then make the packet mirroring CLI commands visible and perform
the following steps.
3. Configure the secure policy that forwards the mirrored traffic to the analyzer
device.
4. (Optional) For increased security, create an IPSec tunnel between the analyzer
port and the analyzer device.
5. For interface-specific mirroring, attach the secure policy to the interface.
6. For user-specific mirroring, configure the trigger that identifies the user.
Table 27: CLI-Based Mirroring of Currently Running Session
Step Description
1 For user-specific mirroring, the user logs on to the E-series router; no mirroring action
is configured.
2
! CLI-based packet mirroring is configured and enabled on the router.
! For interface-specific mirroring, the router starts mirroring all traffic for the interface.
! For user-specific mirroring, AAA verifies that the mirrored user is already logged in,
then starts mirroring all subsequent traffic to or from the user.
3 The router sends the original traffic to its intended destination.
4 The router sends mirrored traffic to the analyzer device.
5 The analyzer device provides information for the requesting individual.
To Next Page
Loading...
Need help?
General
