Hi Warwick,
Lets take an example:
SW1(gi0/1)--------------(gi0/1)SW2(gi0/2)--------------Router
That is, you have switch 1 called SW1 connected to SW2 an this to your
Internet Router.
Lets think you have the ntopng box in the gi0/3 of the SW2.
You shoul do this in your SW2 switch.
conf t
enable
monitor session 1 source interface Gi0/2
monitor session 1 destination interface Gi0/3
Now, with this, you will have ALL the traffic that passes through port 2
(inbound&outbound) mirroed in the port 3 so ntopng will see all the
traffic you have.
Best regards,
El 11/02/2014 16:41, Warwick Chapman escribió:
Hi Greg
Thanks for this. Is that a type of port on a VLAN that behaves like
promiscuous mode or must it be configured on the gateway device?
I'm really battling to find anything in the ntop documentation about
how to place an ntop box in the right place...
-- Warwick Bruce Chapman | 083 7797 094 | http://wa.rwick.com
Please support the DA's Election 2014 Campaign by donating here
<http://donations.da.org.za/?r=2489>.
On Tue, Feb 11, 2014 at 5:26 PM, Greg Williams <[email protected]
<mailto:[email protected]>> wrote:
You need to create a span/monitor port on a vlan somewhere where
you are seeing the most traffic and have that feed into your box.
From the sound of it you are only seeing switch traffic, which
wouldn't really tell you anything useful.
Greg Williams
IT Security Manager/Security Principal
Department of Information Technology
University of Colorado Colorado Springs
*From:*[email protected]
<mailto:[email protected]>
[mailto:[email protected]
<mailto:[email protected]>] *On Behalf Of *Warwick
Chapman
*Sent:* Tuesday, February 11, 2014 8:16 AM
*To:* [email protected] <mailto:[email protected]>
*Subject:* [Ntop] Where to locate an ntopng box
Howdy
Thank you Luca and team for a great product.
We have the following topology:
LAN --> Cisco ASA --> Cisco ISP
I presently have the box with ntopng running on it plugged into
the ASA's switch but it is capturing very little network activity
at all. How do I ensure that it intercepts all the traffic?
Must I add another network adapter and bridge them and place the
box inline between LAN and Cisco ASA or between Cisco ASA and
Cisco ISP?
Tiny volumes on 15mbps line.
-- Warwick Bruce Chapman | 083 7797 094 | http://wa.rwick.com
<http://wa.rwick.com>
Please support the DA's Election 2014 Campaign by donating here
<http://donations.da.org.za/?r=2489>.
_______________________________________________
Ntop mailing list
[email protected] <mailto:[email protected]>
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
--
Daniel Baeza
Centro de Observación de Red
Dpto. Internet y Telefonía
Television Costa Blanca S.L.
Telf. 966190565
WEB: http://www.tvt.es
Correo: [email protected]
--AVISO LEGAL--
En cumplimiento de la Ley Orgánica 15/1999, de 13 de diciembre de protección de datos de carácter personal, se pone en conocimiento del destinatario del presente correo electrónico, que los datos incluidos en este mensaje, están dirigidos exclusivamente al citado destinatario cuyo nombre aparece en el encabezamiento, por lo que si usted no es la persona interesada rogamos nos comunique el error de envío y se abstenga de realizar copias del mensaje o de los datos contenidos en el mismo o remitirlo o entregarlo a otra persona, procediendo a borrarlo de inmediato.
Asimismo le informamos que sus datos de correo han quedado incluidos en nuestra
base de datos a fin de dirigirle, por este medio, comunicaciones comerciales,
profesionales e informativas y que usted dispone de los derechos de acceso,
rectificación, cancelación y especificación de los mismos, derechos que podrá
hacer efectivos dirigiéndose a Televisión Costa Blanca, S.L., C/ San Policarpo
41 Bajo. C.P: 03181 Torrevieja (Alicante).
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
