what does the "ingress" command optio…

Referring to the monitor session 1 destination GigabitEthernet0/47 ingress Cisco Catalyst switch command, what does the “ingress” command option enable?

Referring to the monitor session 1 destination GigabitEthernet0/47 ingress Cisco Catalyst switch command, what does the “ingress” command option enable?

A.
Allow the capture of bidirectional traffic on the GigabitEthernet0/47 switch port.

B.
Add .1Q headers on the SPAN port (GigabitEthernet0/47) to indicate the source VLAN to the Cisco IPS appliance in promiscuous mode.

C.
Allow the SPAN port (GigabitEthernet0/47) to be a source of traffic (for TCP resets).

D.
Enable flow-based SPAN session.

E.
Limit (filter) SPAN source traffic.

Explanation:
Switch(config)#monitor session 1 destination interface gigabitEthernet 0/1 ? Specify another range of interfaces
Specify a range of interfaces encapsulation Set encapsulation for destination interface ingress Enable ingress traffic forwarding <cr>
Cisco DOCs say this “If ingress traffic forwarding is enabled for a network security device, the destination port forwards traffic at Layer 2.” I say what is that reason
for allowing this? I read small blurb about letting a security device send a TCP Reset to a received/sensed attack which make some sense but I’m not in Security.
http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008015c61 2.shtml



Leave a Reply 0

Your email address will not be published. Required fields are marked *