Hello forum users, Recently i discovered that you cannot monitor a switched network without doing some special stuff. I solved that by using a named pipe on the server i wanted to monitor. Is it possible in a switched network to monitor the complete switched network without disrupting it or having to enable "monitor ports" on the switches? I just want to be able to monitor the complete network of the company i work for. Just for troubleshooting voip, dhcp etc. I know this has bin answered before and there is some documentation on this topic but i don't realy understand. kind regards, neaJules. asked 27 Nov '14, 05:12  neaJules |
2 Answers:
A switch/router forwards packets from the incomming port to the outgoing port towards the destination so the apcket are only accessableto the capturing tool on the sending or reciving server or by switch switch it self which could copy it to a monitoring/span port. Not to other eqipment connected to other ports on the switch/router. You can insert taps(HW equipment) on the cabels connected to the switch port to copy the packets. answered 27 Nov '14, 07:51  Anders ♦ |
well, if you don't want to enable monitor/mirroring ports, it's going to become diffucult, because the way a switch works will prevent monitoring the "whole" network. See the Ethernet Capturing Setup Wiki: So, you either
Regards answered 27 Nov '14, 08:04  Kurt Knochner ♦ |
