Mirroring target port becomes unreachable when port mirroring is enabled.

[serge]

I am stuck on the port mirroring section. The issue is that once I have added the source port and target port with type set to 'both' and save the setting the computer attached to the target port is no longer reachable and hence I cannot use remote desktop connection and access wfilter installed on it. How do I get around this problem?



I have a Cisco ASA 5500 connected to port e37 on the Linksys switch and the computer running Wfilter on port e27.

[gengw2000]

Some switches does not support outgoing traffic on the mirroring port. For example, cisco switch's mirroring port is recv-only unless "ingress" parameter is enabled. I am not sure your switch has this kind option.

In this case, WFilter is monitoring only. To solve this problem, you need to add another network card in the WFilter computer.

Please follow below steps:

1. Add another network card.

2. Connect the new NIC to a normal port in your switch.

3. Set proper ip address and gateway.

4. In "System Settings"->"Monitoring Settings" of WFilter, configure the new adapter as the "blocking adapter".

5. Done.



You'd better also check this topic in case the new NIC is not working: http://blog.imfirewall.us/Blocking+Adapter+Doesnt+Work+When+Using+Two+Network+Cards+With+WFilter.aspx