登陆switch:
telnet 100.100.1.xxx
查看当前状态:
sh run
show cdp neigh (在此交换机上)列出本地接口相连接的设备
show monitor session xx 列出当前的端口监控回话
进入设置状态:
conf t
配置某个端口:
int Gi1/0/2
关闭/重启某个端口:
shut
no shut
创建ACL规则并将其应用到端口:
access-list 101 deny ip any host 10.79.57.147
access-list 101 permit ip any any
interface g1/0/8
ip access-group 101 in //no ip access-group 101 in
对端口进行其他配置:
switchport access vlan <vlan id> //port一对一设置vlan
no switchport access vlan 20 //删除对应vlan
no monitor session <id>
monitor session <id> source interface <Gi1/0/2> //定义被监控的端口
monitor session <id> destination interface <Gi1/0/1> //接分析工具的端口(PC抓包)
如phone连到Gi1/0/2,pc连到 Gi1/0/1,则用wireshark抓电脑网卡的包抓到的就是phone的包monitor session 1 source interface Gi1/0/8
monitor session 1 source interface Gi1/0/7
另一种抓phone的包的方式:
把电脑网线连到phone后背的pc口,然后在cucm phone配置页面打开 span to pc port,
https://techzone.cisco.com/t5/IP-Phone/Troubles