Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kbahrudin_FTNT
Staff
Staff

Created on ‎07-22-2015 05:34 PM

Article Id 191137

Technical Note: SPAN (Port Mirroring) using ports associated to underlying switch chip/driver

Description
This article explains how to setup SPAN (Port Mirroring) using ports associated to underlying switch chip/driver.

Scope
SPAN (Port Mirroring)

Solution
The Switch Port Analyzer (SPAN) feature is now available for hardware switch interfaces on FortiGate models with built-in hardware switches (for example, the FortiGate-100D, 140D, and 200D etc.)

To enable SPAN on a hardware switch via the GUI, go to System > Network > Interfaces and edit a hardware switch interface.

By default the system may have a hardware switch interface called LAN. A new hardware switch interface can also be created.
  • Select the SPAN check box, then select a source port from which traffic will be mirrored.
  • Select the destination port to which the mirrored traffic is sent.
  • Select to mirror traffic received, traffic sent, or both.

SPAN can also be enabled in the CLI:
config system virtual-switch
edit <port>
set span enable
set span-source-port <port>
set span-dest-port <port>
set span-direction {both | Tx | Rx}
end
end

84551
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.