Port mirroring on SG-2100 and SG-3100
-
I have a question about port mirroring and the SG-2100 and SG-3100.
I’ve been using pfSense on an old computer for use as a firewall between my lab network and home network. Circumstances mean that I will have to continue using my ISP router/modem for at least 6 months. The network looks like this (WAN on pfSense is configured as a static IPv4 address):
This is not an ideal setup, however I will soon be moving and can re-do the entire network at that time; nonetheless, I need to replace my pfSense box with a Netgate appliance right away.
I would like to experiment with port mirroring and had planned to add a Raspberry-Pi to the network like this:
The Raspberry-Pi would analyze the traffic between the ISP router and Lab Network. I realize that pfSense can run Suricata, but I would like to use the Pi as shown in the diagram as a learning opportunity.
I read that the SG-2100 and SG-3100 do not support STP on the LAN ports. I’m a beginner in networking and from what I have read STP ≠ port mirroring, but from what I have learned so far, it seems related.
Can the SG-2100 or SG-3100 support port mirroring? Could the WAN of either appliance be mirrored to LAN1 (in the SG-2100) or to OPT (in the SG-3100)?
-
Don't you have a smart switch? Even a cheap <$40 smart switch would support mirroring or SPAN. And no, SPAN is not the same as STP.
Off the top of my head, I wouldn't think the 2100 or 3100 support a SPAN/mirror port. But I would think a "lab" has a smart/managed switch in it ;)
-
@pf-beginner said in Port mirroring on SG-2100 and SG-3100:
I read that the SG-2100 and SG-3100 do not support STP on the LAN ports. I’m a beginner in networking and from what I have read STP ≠ port mirroring, but from what I have learned so far, it seems related.
Spanning Tree Protocol and mirroring are 2 different things. STP is used to prevent loops, when multiple switches are used. Mirroring allows you to monitor a network connection, using Wireshark or similar. The only thing they have in common is they both use a managed switch. For port mirroring, you can configure a managed switch as a data tap.
-
@jknott Thanks for the link to your data tap post, that's just the step-by-step guide I needed!
@johnpoz I guess I've been watching too many networking videos on YouTube. The so-called "Lab" in the diagrams above could more accurately be termed "a disparate collection of various computers on a rudimentary network".
I've got a little TP-Link switch somewhere, but I doubt it would be a smart switch.
-
haha - then it's not a "lab" ;)
Buy yourself a $40 smart switch - then you can mirror/span whatever you want.