Cisco Cisco Catalyst 6500 Series Firewall Services Module Guide De Dépannage

Contributed by Scott Nishimura, Cisco TAC Engineer.
Apr 02, 2013

Introduction
Prerequisites
     Requirements
     Components Used
     Conventions
SPAN Reflector
FWSM Traffic Capture on the Switch Backplane
     Step 1: Determine Port Channel Used by FWSM
     Step 2: Define Source and Destination Interfaces
     Step 3: Verify Monitor Session
Related Information

This document describes how to monitor traffic sent to and received from a Firewall Services Module
(FWSM). On the Cisco Catalyst 6500/Cisco 7600 Series Routers platform, there are two switched port
analyzer (SPAN) sessions that can be used to redirect traffic to a destination port for activities such as
captures or transmissions to other physical security devices (such as an Intrusion Detection System). SPAN
sessions are also known as monitor sessions.

Cisco recommends that you have knowledge of these topics:

Network security

• 

Familiarity with data captures (sniffers)

• 

The information in this document is based on these software and hardware versions:

Cisco Catalyst 6500/7600 Series Switches

• 

Cisco Catalyst 6500/Cisco 7600 Series Supervisor Engine 720

• 

Cisco FWSM

• 

The information in this document was created from the devices in a specific lab environment. All of the
devices used in this document started with a cleared (default) configuration. If your network is live, make sure
that you understand the potential impact of any command.