Configuration of traffic mirroring on the CLI for the USG2000&5000 series

21

The USG2000&5000 series does not support traffic mirroring.

Other related questions:
Traffic statistics configuration on the USG2000&5000 series
You can configure traffic statistics on the CLI of the USG2000&5000 series: 1. Configure an ACL to define packets to be debugged. 2. Run the firewall statistic acl 3333 enable command in the diagnose view. [USG-diagnose] firewall statistic acl 3333 enable 3. Run the display firewall statistic acl command in the diagnose view. [USG-diagnose] display firewall statistic acl 14:33:26 2010/03/27 Current Show sessions count: 1 Protocol(ICMP) SourceIp(172.16.1.156) DestinationIp(172.16.1.25) SourcePort(1) DestinationPort(2048) VpnIndex(public) Receive Forward Discard Obverse : 4 pkt(s) 4 pkt(s) 0 pkt(s) Reverse : 4 pkt(s) 4 pkt(s) 0 pkt(s) Discard detail information: Check whether the firewall receives packets, forwards the packets, and receives return packets. If some packets are dropped, determine the packet loss location. View packet discard possible causes to identify the cause. 4. After debugging is complete, disable traffic statistics as soon as possible because long-term traffic statistics affect firewall performance. 5. Run the undo firewall statistic command to disable traffic statistics. 6. Run the reset firewall statistic acl all command to clear statistics. 7. If necessary, run the undo acl xxxx command to delete the configured ACL.

Configuration of traffic mirroring on the web UI for the USG2000&5000 series
The USG2000&5000 series does not support traffic mirroring.

Configuration of traffic mirroring on the CLI for the USG6000 series
The USG6000 series does not support traffic mirroring.

The USG2000 & 5000 & 6000 series is configured with port mirroring.
Note: Enabling the port mirroring feature helps to locate the network, but because the function may affect the performance of the device to a certain extent, use it with caution. After the network problem is finished, turn off port mirroring. To prevent the problem that the mirroring packets can not be received due to the different transmission rate of the interface, make sure that the transmission rate of the observing port and the mirroring port are the same. Steps 1. Run the system-view command to enter the system view. 2, the implementation of the command observing-port observing-port, configure the observation port. The observing port is a non-service interface for transmitting traffic packets that are mirrored to the port. You can observe the packets passing through the corresponding port through the observing port. Run the port-mirroring mirroring-port {both | inbound | outbound} observing-port [acl-number acl-number] command to enable port mirroring. The mirroring port is a service port for sending and receiving service packets. Before you enable port mirroring, the corresponding observing port must already be configured with the observing-port command.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top