Configuring CLI-Based Packet Mirroring
Chapter 6: Packet Mirroring
3. Configure the secure L2TP policy that forwards the mirrored traffic to the
analyzer device at 192.168.99.2, port 6500.
host1(config)#secure l2tp policy-list l2tp_toMirrorHQ
host1(config-policy-list)#classifier-group *
host1(config-policy-list-classifier-group)#mirror analyzer-ip-address 192.168.99.2 analyzer-virtual-router default analyzer-udp-port 6500 mirror-identifier 1 session-identifier 1
4. Configure packet mirroring for the subscriber identified by username
jwbooth@isptheatre.com and associate the secure policy with the user.
host1(config)#virtual-router lac
host1:lac(config)#mirror username jwbooth@isptheatre.com l2tp secure-policy-list l2tp_toMirrorHQ
Now, when subscriber jwbooth@isptheatre.com logs in, the packet mirroring
session starts and the subscriber’s replicated traffic is sent through the secure
IPSec tunnel to the remote analyzer device.
5. Verify the packet mirroring configuration.
host1#show mirror subscribers
                            Subscriber ID  Secure Policy                      Sessions
Subscriber ID               Method         Type           Secure Policy List  Mirrored
--------------------------  -------------  -------------  ------------------  --------
lac:jwbooth@isptheatre.com  username       l2tp           l2tp_toMirrorHQ     1
6. Verify the configuration of the secure L2TP policy.
host1#show secure policy-list name l2tp_toMirrorHQ
Policy Table
------ -----
Secure L2TP Policy l2tp_toMirrorHQ
Administrative state: enable
Reference count: 2
Classifier control list: *
mirror analyzer-ip-address 192.168.99.2 analyzer-virtual-router default
analyzer-udp-port 6500 mirror-id 1 session-id 1
Referenced by interface(s):
TUNNEL l2tp:5/1/5 secure-input policy
TUNNEL l2tp:5/1/5 secure-output policy
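The verification in step 6 can be scripted so that a mirror action pointing at an unexpected analyzer is caught during review. The following is an added example, not part of the original guide or of the router software: it parses a policy block in the format shown above and checks it against an approved-analyzer list. The names parse_policy, audit and APPROVED_ANALYZERS are hypothetical, and the rule that an interface should carry both the secure-input and secure-output policy is an assumption.

```python
import re

# Constructed sample based on the step 6 output; the mirror line is wrapped
# across two lines as a terminal might wrap it.
SAMPLE = """\
Secure L2TP Policy l2tp_toMirrorHQ
Administrative state: enable
Reference count: 2
Classifier control list: *
mirror analyzer-ip-address 192.168.99.2 analyzer-virtual-router default
analyzer-udp-port 6500 mirror-id 1 session-id 1
Referenced by interface(s):
TUNNEL l2tp:5/1/5 secure-input policy
TUNNEL l2tp:5/1/5 secure-output policy
"""

# Assumption: (IP address, UDP port) pairs approved to receive mirrored traffic.
APPROVED_ANALYZERS = {("192.168.99.2", 6500)}

def parse_policy(text):
    """Extract the mirror action and interface references from one policy block."""
    flat = " ".join(text.split())  # undo terminal line wrapping
    name = re.search(r"Secure \S+ Policy (\S+)", flat)
    mirror = re.search(r"analyzer-ip-address (\S+) analyzer-virtual-router (\S+) "
                       r"analyzer-udp-port (\d+)", flat)
    if not name or not mirror:
        raise ValueError("not a secure policy block with a mirror action")
    return {
        "name": name.group(1),
        "analyzer_ip": mirror.group(1),
        "analyzer_vr": mirror.group(2),
        "analyzer_port": int(mirror.group(3)),
        # (interface, direction) for each secure-input / secure-output attachment
        "refs": re.findall(r"(\S+) secure-(input|output) policy", flat),
    }

def audit(policy, approved=APPROVED_ANALYZERS):
    """Return findings; an empty list means the policy matches expectations."""
    findings = []
    dest = (policy["analyzer_ip"], policy["analyzer_port"])
    if dest not in approved:
        findings.append(f"{policy['name']}: unapproved analyzer {dest[0]}:{dest[1]}")
    directions = {}
    for interface, direction in policy["refs"]:
        directions.setdefault(interface, set()).add(direction)
    for interface, seen in sorted(directions.items()):
        # Assumption: a mirrored session should be attached in both directions.
        for missing in sorted({"input", "output"} - seen):
            findings.append(f"{policy['name']}: {interface} has no secure-{missing} policy")
    return findings
```

Calling audit(parse_policy(SAMPLE)) returns an empty list for the configuration built in steps 3 and 4.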
Commands and Guidelines
This section lists the commands you use to configure CLI-based packet mirroring.
classifier-group
- Use to create a classifier group for a secure policy list and enter Classifier Group
  Configuration mode.
- In Classifier Group Configuration mode, you configure the mirror action for the
  classifier group.