Port mirroring will allow you to monitor the network traffic to and/or from specific ports on your switch.

The switch will send a copy of all network packets seen on ports you specify (or an entire VLAN) to a ‘destination port’, where the packet can be analyzed.

First, log in to the switch and set the Display Mode to Advanced

Open

Now we are able to use the menu on the left to navigate to ‘Status and Statistics → SPAN & RSPAN’

If we would like to monitor the traffic on an entire VLAN, we must first designate a pre-defined VLAN to be our ‘RSPAN VLAN’. This is nessescary if we want to monitor traffic from multiple switches (or a single remote switch).

If we intend to only monitor traffic from ports local to this switch, we can leave this option as ‘None’.

Open

Next, we will set up ‘Session Destinations’. This is the port that the monitoring/capture PC will be connected to.

Click ‘Add…'

Here I have selected a ‘Session ID’ of 1, and have connected my capture PC to port 8 (GE8) of the switch.

Select Enable Network Traffic, and Apply.

If we wanted to monitor traffic on our RVLAN, we would instead select Remote VLAN and set the ‘Refelctor Port’ to be the port connected to the capture PC.

Now, we can set up ‘Session Sources’. These are ports that will have their traffic mirrored to the Destination port.

Click ‘Add…’

Here we will select the ‘Session ID' that we set up in the previous step.

I have chosen my ‘Source Interface’ to be Port 4 (GE4) and the ‘Monitor Type’ to be ‘Rx and Tx’. This means that I will be mirroring traffic to and from port 4 and monitoring it on port 8.

Alternatively, we can change our ‘Source Interface’ to be a local VLAN or a ‘Remote VLAN’ if these have been previously configured.

Click Apply.

By repeating the last step, we can add multiple sources to the same destination in order to monitor multiple source ports.

We are now able to use a network analyzer such as Wireshark to capture the traffic being mirrored to our defined destination port.