Configuring Port Mirroring on a Security Gateway

1. To configure port mirroringlogRun > add bridging group 0 to create a new bridge group.
2. Run > add bridging group 0 <if_name> to add the interface to bridging group br0.

   <if_name> = Interface name

3. In SmartDashboard, add the bridge interface to the 61000/41000 Security System gateway object.
4. Change the bridge interface name to br0.
5. Select Global Properties from the Policy menu.
6. Select Stateful Inspection and clear the Drop out of state packets options.

   

7. Install policy.
8. From the 61000/41000 Security System command line, run:

   > asg_span_port set

   This defines the interface as a SPAN port.

9. Reboot all SGMs.
10. In Global Properties > Stateful Inspection > Exceptions, add an exception for the 61000/41000 Security System.

We recommend that you run asg if to make sure that the bridge and its related interface are up and running.