Enable Port mirroring from Cisco switch

Enable Port mirroring from Cisco switch

Port mirroring is useful when we need to sniff for details analysis of traffic. For an example; one would like to use Internet interface (uplink to Internet facing firewall) to analyize Internet traffic using sniffing tools like wireshark. Here source port (2/48) is switch port that used for Internet connection and destination switch port (2/22) is mirror port of 2/48 and connect PC with wireshark.

Port mirroring:

source port 2/48

destination port 2/22


Switch#config terminal

Enter configuration commands, one per line. End with CNTL/Z.


Switch(config)#monitor session 1 source interface Gi 2/48

Switch(config)#monitor session 1 destination interface Gi 2/22

Switch#Show monitor session 1


Switch#show monitor session 1

Switch#show monitor



Session 1


Type : Local Session

Source Ports :

Both : Gi2/48

Destination Ports : Gi2/22


Egress SPAN Replication State:

Operational mode : Centralized

Configured mode : Centralized (default)


VLAN Mirroring:

Beside above; we also could mirror a VLAN.
Below steps are to create mirror port for a particular VLAN eg. vlan 1.


source vlan1

destination port 2/22


Switch#configure terminal

Switch(config)#interface Gi 2/22

Switch(config-if)#port monitor vlan 1


Note: you could enter: #show ip int brief or show int to see the switch port name: eg. Gi 0/1 or fa 0/1 etc


About Robiul

Robiul has 15 years of continuous successful career experience in ICT with extensive background in System Engineering, IT infrastructure design, operations and service delivery, managing IT projects / MIS functions for local and multi-national companies with in-depth knowledge of multiple operating systems as well as construct / manage small to medium size Data Center. Proven ability to design and implement medium to semi-large scale LAN/WAN/WLAN and system infrastructures. Academic qualification: Master of Science in Information Systems. Professional certifications are: MCSE, CCNA, ITIL and FoundStone Security Professional, VCP, NetAPP, CISSP etc.
This entry was posted in Cisco and tagged . Bookmark the permalink.