I was wondering if there was a way to set up port mirroring to mirror all traffic on the network to a particular port. I know there is a network capture thing that you can send traffic to an ip & port and capture it that way using wireshark. But when done that way it puts a different header on the packet and doesn’t make it all that useful, wireshark just shows ALL information coming from the router instead of actual destination and source. Basically what I would like to accomplish is to set up an IDS (Intrusion Detection System) on my network and port mirroring would solve all my issues.
Hi,
I suggest doing this on a switch instead of Surf Soho. This will more effective.
Hope this help.
I have thought about that but if I did it on a switch I would not be able to capture the WiFi packets. Also I was hoping to utilize the surf since all traffic will be going through it.
Hi,
Can you share the usage of the IDS? Do You want to monitor the traffic from users to internet?
I would like to monitor all traffic, mainly what is going to the Internet though. But it would be beneficial to also monitor what is going through just locally too.
Hi,
Port Mirroring is not supported in our product. Since security is your concern, I suggest using third party AP (e.g. AP One 300M) and turn off Wifi AP in Surf Soho.
Many switches have a monitor feature that supports this. I don’t remember all the details now, but I was doing something like this years ago with an HP Ethernet switch. As I recall, it had the ability to configure one of the ports as a monitor.
As a quick-and-dirty method, you could also use an old Ethernet hub to do it.