Community discussions

MikroTik App
 
itchycube
just joined
Topic Author
Posts: 4
Joined: Mon Jan 06, 2014 3:13 pm

Multiple Port MIrrors

Mon Jan 06, 2014 3:23 pm

Hi Guys,

I've just recently upgraded from a RB750GL to a RB2011UiAS-2HnD-IN, specifically so i can get rid of the separate wireless AP i was previously using.

I have eth1 bridged into an ADSL modem for PPPoE. eth2 runs off to a much larger switch. This separate switch used to be where my wireless AP was connected. On my 750GL i just had to mirror eth2 to eth3 and connect my IDS and all was well.

Now with the R2011, i have eth1 again bridged to the modem, and eth2 off to the larger switch, but i also have the internal wireless enabled and working on the RB2011.

I'm struggling though to figure out how i can setup the RB2011 though so that all traffic through eth2 - but also wlan1 is mirrored out of eth3.

Any suggestions would be much appreciated. The wireless interface doesn't show up in either switch1 or switch2 - so i can;t create a interface mirror rule with it.

And the bridge interface on the RB2011 doesn't seem to be the right place to setup a mirror either.

Thanks,

Scott
 
User avatar
cbrown
Trainer
Trainer
Posts: 1839
Joined: Thu Oct 14, 2010 8:57 pm
Contact:

Re: Multiple Port MIrrors

Mon Jan 06, 2014 4:08 pm

You will have to create a bridge interface and then put the wlan1 and ether2 in the bridge.
 
itchycube
just joined
Topic Author
Posts: 4
Joined: Mon Jan 06, 2014 3:13 pm

Re: Multiple Port MIrrors

Mon Jan 06, 2014 10:02 pm

Thanks cbrown.

I already have a bridge (thanks to the out of the box config) which contains eth2-5, eth6-master and wlan1 (which makes sense given the block diagram for the RB2011).

Is this ok (or does it need to be a bridge with only eth2 and wlan1)?

And once i have created the bridge - how do i then set the bridge as the mirror source? Or should i just be able to set eth2 as the mirror source?

Thanks again for your help.

Cheers,

Scott
 
User avatar
cbrown
Trainer
Trainer
Posts: 1839
Joined: Thu Oct 14, 2010 8:57 pm
Contact:

Re: Multiple Port MIrrors

Tue Jan 07, 2014 2:32 pm

You will not be able to mirror either the bridge or the wlan interface.

What are you trying to do exactly? Maybe there is another way to achieve your goal.
 
itchycube
just joined
Topic Author
Posts: 4
Joined: Mon Jan 06, 2014 3:13 pm

Re: Multiple Port MIrrors

Tue Jan 07, 2014 11:20 pm

All i'm after is to mirror all traffic in and out of eth2 (LAN clients) and all traffic in and out of wlan1 (WLAN clients) to eth3 which will be plugged into an IDS.

Thanks for your help thus far.

Who is online

Users browsing this forum: Amazon [Bot], Bing [Bot], fposavec, Google [Bot] and 52 guests