Mirror traffic to a dedicated port
You can send mirrored traffic to a dedicated port group attached to a physical cable.
When using a dedicated port to connect the Mirror Destination Airwall Gateway to your
packet analyzer, normal switches don’t work. Since port mirroring captures traffic both
directions, MAC flows are both directions. The switch learns all the MACs are connected
to the Mirror Destination group and suppresses all traffic but broadcast, multicast, and
unknown unicast MAC destinations.
Note: This configuration is not supported on the Airwall Gateway 300v
model, because hypervisor has a switch.
Mirror traffic to a dedicated port
To mirror traffic to a dedicated port, you need to:
- Connect your packet analyzer tool to a dedicated port on the Airwall Gateway you want to use as the Mirror Destination.
- On the same Airwall Gateway, create a Mirror Destination port group, and assign the port your analyzer is plugged into to that group.
- Configure a Mirror Destination to send to that Mirror Destination port group.
- Configure Airwall Gateways to act as the Mirror Sources.
- Adjust performance for mirrored traffic.
- Set up security for mirrored traffic.
- Configure your packet analyzer tool.
These steps are described in more detail in the following sections.
Here is a diagram showing this scenario:
