Re: ASA 5506-X Port Mirror /Span

jkellogg · ‎05-16-2018

Is it possible to setup port mirroring on the ASA 5506-X? I have a single eight port switch connected to my ASA. I use ports 1-7 for my internal network (inside interface -10.0.0.0/24). This is inline with the ASA Firepower module.

Could I also setup port 8 to mirror packets from my switch to the ASA Firepower module via span port? The goal is to have the packets routed by the switch to be susceptible to Firepower/IDS inspection as I'm only inspecting internet traffic at the moment.

Mohammed al Baqari · ‎05-16-2018

Yes you can configure port mirroring on the switch to forward the packets
to IDS device. Now whether firepower is connect to switch or any device
doesn't really matter. Just all traffic in/out will be forwarded out of
span port

Florin Barhala · ‎05-17-2018

I think he wants to setup SPAN on ASA rather than the switch.
@ jkellogg90@gmail.com what switch model you have there? Where exactly you need to add SPAN config: switch or ASA?

jkellogg · ‎05-17-2018

Sorry for the confusion. I'd like to send a copy of all packets on the switch to the ASA Firepower for inspection. It's a non Cisco switch. TL-SG3210. I've already setup the forwarding of the packets from the switch to the ASA. When running a capture on the interface of the ASA I'm only seeing broadcast traffic.