There is a way to made a "system" based in a small Mikrotik like the RB750/hEX for sniffing purposes? My first idea is to connect it between the network (Switch) and the ISP (Router). It is possible to configure two ports in "port mirroring" mode and at the same time a third port acting as "bridge" of the mirrored one?
PORT 1 mirrored on PORT 3
PORT 1 and PORT 2 are "bridged"
INET ------ [public IP 190.xxx.xxx.xxx]-[ISP ROUTER][private IP 192.168.aaa.xxx] ------> [RB750 port 1]
[RB750 port 2] ------> [::::SWITCH::::] -------> LAN SIDE [private network 192.168.aaa.xxx/24]
[RB750 port 3] -------> IDS DEVICE (sniffer)
It's intented to use it as a portable Sniffing solution for on site analysis where we can't access to change router/switch parameters.
Tks in advance for your comments!