Help
FortiSwitch
FortiSwitch: secure, simple and scalable Ethernet solutions
yabhishek
Staff
Staff

Created on ‎12-24-2024 03:06 AM

Article Id 366319

Technical Tip: Not able add same set of ports in two mirror sessions

Description This article describes the best practice for using two collectors to capture the mirrored traffic.
Scope FortiSwitch.
Solution

In some scenarios, in which multiple port mirroring instances are created, then two collectors cannot collect the mirrored traffic for the same set of ports.

 

For Example:

 

config switch mirror
    edit "MR1"
        set status active
        set dst "port6"
        set switching-packet enable
        set src-ingress "port1" "port2"
        set src-egress "port1" "port2"
    next
end

 

while creating a different mirror session to mirror port1 switch will give the below error :


S448DF3X170----4 # con switch mirror

S448DF3X170----4(mirror) # edit MR2
new entry 'MR2' added

S448DF3X170----4(MR2) #
S448DF3X170----4(MR2) # set status active

S448DF3X170----4(MR2) # set src-ingress port1

S448DF3X170----4(MR2) # set src-ingress port1

S448DF3X170----4(MR2) # set dst port5

S448DF3X170----4(MR2) # set switching-packet enable

S448DF3X170----4(MR2) # next
One or more of the source ports is used as a source in too many mirror sessions.
object set operator error, -6088 discard the setting

 

Therefore, once the ports are added for a mirror session, they cannot be used for any other mirror sessions simultaneously.
184
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.