        input {
            ingress {
                interface ge-0/0/0.0;
                interface ge-0/0/1.0;
            }
        }
        output {
            interface {
                ge-0/0/10.0;
            }
        }
    }
}
Mirroring Employee-to-Web Traffic for Local Analysis
To configure port mirroring for employee-to-web traffic, perform these tasks:
CLI Quick Configuration
To quickly configure local port mirroring of traffic from the two ports connected to
employee computers, filtering so that only traffic to the external Web is mirrored, copy
the following commands and paste them into the switch terminal window:
[edit]
set ethernet-switching-options analyzer employee-web-monitor output interface ge-0/0/10.0
set firewall family ethernet-switching filter watch-employee term employee-to-corp from destination-address 192.0.2.16/28
set firewall family ethernet-switching filter watch-employee term employee-to-corp from source-address 192.0.2.16/28
set firewall family ethernet-switching filter watch-employee term employee-to-corp then accept
set firewall family ethernet-switching filter watch-employee term employee-to-web from destination-port 80
set firewall family ethernet-switching filter watch-employee term employee-to-web then analyzer employee-web-monitor
set interfaces ge-0/0/0 unit 0 family ethernet-switching filter input watch-employee
set interfaces ge-0/0/1 unit 0 family ethernet-switching filter input watch-employee
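Added example (not from the Juniper guide): a small Python check to run over the commands before pasting them into the switch. It flags non-ASCII characters, such as typographic dashes picked up from a formatted document, and analyzer names that a filter term references but no analyzer statement defines. The `audit` function, its regular expressions and the sample input are constructed for this illustration.

```python
import re

# Constructed input: the quick-configuration commands, with the analyzer name in
# the first command written with en dashes (U+2013) instead of hyphens.
PASTED = """\
set ethernet-switching-options analyzer employee\u2013web\u2013monitor output interface ge-0/0/10.0
set firewall family ethernet-switching filter watch-employee term employee-to-corp from destination-address 192.0.2.16/28
set firewall family ethernet-switching filter watch-employee term employee-to-corp from source-address 192.0.2.16/28
set firewall family ethernet-switching filter watch-employee term employee-to-corp then accept
set firewall family ethernet-switching filter watch-employee term employee-to-web from destination-port 80
set firewall family ethernet-switching filter watch-employee term employee-to-web then analyzer employee-web-monitor
set interfaces ge-0/0/0 unit 0 family ethernet-switching filter input watch-employee
set interfaces ge-0/0/1 unit 0 family ethernet-switching filter input watch-employee
"""

ANALYZER = re.compile(r"set ethernet-switching-options analyzer (\S+) output interface (\S+)")
MIRROR = re.compile(r"set firewall family ethernet-switching filter (\S+) term (\S+) then analyzer (\S+)")
BIND = re.compile(r"set interfaces (\S+) unit (\d+) family ethernet-switching filter input (\S+)")


def audit(commands):
    """Return a list of findings for a block of mirroring 'set' commands."""
    findings, outputs, mirrors, bound = [], {}, [], {}
    for num, line in enumerate(commands.splitlines(), 1):
        line = line.strip()
        odd = sorted({ch for ch in line if ord(ch) > 127})
        if odd:
            findings.append(f"line {num}: non-ASCII characters {odd}")
        if m := ANALYZER.fullmatch(line):
            outputs[m[1]] = m[2]                      # analyzer name -> output interface
        elif m := MIRROR.fullmatch(line):
            mirrors.append((m[1], m[2], m[3]))        # (filter, term, analyzer name)
        elif m := BIND.fullmatch(line):
            bound.setdefault(m[3], []).append(f"{m[1]}.{m[2]}")
    for flt, term, name in mirrors:
        if name not in outputs:
            findings.append(f"{flt}/{term}: analyzer '{name}' has no output interface")
        elif outputs[name] in bound.get(flt, []):
            findings.append(f"{flt}: also applied to mirror output {outputs[name]}")
        if flt not in bound:
            findings.append(f"{flt}: mirrors traffic but is applied to no interface")
    used = {name for _, _, name in mirrors}
    findings += [f"analyzer '{n}' is never referenced" for n in outputs if n not in used]
    return findings


if __name__ == "__main__":
    for finding in audit(PASTED):
        print(finding)
```

With the dashes replaced by plain hyphens, the same commands produce no findings.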
Step-by-Step Procedure
To configure local port mirroring of employee-to-web traffic from the two ports connected
to employee computers:
1. Configure the local analyzer interface:
[edit interfaces]
user@switch# set ge-0/0/10 unit 0 family ethernet-switching
2. Configure the employee-web-monitor analyzer output (the input to the analyzer comes from the action of the filter):
[edit ethernet-switching-options]
user@switch# set analyzer employee-web-monitor output interface ge-0/0/10.0
3. Configure a firewall filter called watch-employee to send mirrored copies of employee requests to the Web to the employee-web-monitor analyzer. Accept all traffic to and from the corporate subnet (destination or source address of 192.0.2.16/28). Send mirrored copies of all packets destined for the Internet (destination port 80) to the employee-web-monitor analyzer.
[edit firewall family ethernet-switching]
Copyright © 2010, Juniper Networks, Inc.
Complete Software Guide for Junos® OS for EX Series Ethernet Switches, Release 10.3