V2110 Additional Port Required For Mirroring

  • 1
  • 2
  • Question
  • Updated 1 year ago
  • Answered
  • (Edited)
Hi,

Have a scenario where the use of a V2110 Wireless Controller is in play and the need to create some internal VNS's and one external for Guest.

The Guest is to be B@AC directly to the second nic (esa1), that goes directly to its own internet connection as a means of completely isolating Guest traffic from internal. All internal VNS's will B@AP and esa0 is the primary psychical 1 port.

The problem arises when trying to add a mirror port due both ports now in use!

Have tried adding a third nic but the V2110 doesn't seem to recognise it, and potentially we already have a third NIC thats not being used in the 'Admin' port.

So wondering if there is any fix to getting mirror traffic out a third nic without me having to tag the Guest network out onto the internal network - which is probably the only possible solution in this case but I would rather avoid it if I can.

Many thanks.
Photo of Martin Flammia

Martin Flammia

  • 6,326 Points 5k badge 2x thumb

Posted 1 year ago

  • 1
  • 2
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 51,328 Points 50k badge 2x thumb
Hi, in short... not supported you'd need to tag it via one port.

What I don't get is the mirror port - what's the reason behind it.
Is it for Analytics ?

-Ron
Photo of Martin Flammia

Martin Flammia

  • 6,326 Points 5k badge 2x thumb
Hi Ron, it is. Cause you might have been thinking along the lines of the answer below? Thanks
Photo of Pala, Zdenek

Pala, Zdenek, Employee

  • 10,186 Points 10k badge 2x thumb
if you need mirror for Analytics, then please check new version of EWC and Analytics. in new version you can use IPFIX (in gui still called netflow) and it will provide the relevant data to the Analytics engine without the mirror...
Photo of Martin Flammia

Martin Flammia

  • 6,326 Points 5k badge 2x thumb
Arr, I see... appologies, had looked at the wrong article and seen the image below and assumed wrong:



This is the article I should have been looking at:

https://gtacknowledge.extremenetworks.com/articles/How_To/Configuring-a-Identifi-Wireless-Controller...

Thanks for your help... much appreciated.
Photo of Volker Kull

Volker Kull

  • 1,882 Points 1k badge 2x thumb
Yes, more than 2 and a half interfaces is not supported.
We discuss this issue for more then 3 years with engineering to have more flexibility in V2110 network connections, but without success.
Having dedicated security zones it is not allowed to use VLAN tags for separation and therefor you need more than two usable network interfaces!

One option is using mobility groups and install aseparate EWCs for internal and guest access...
Than you will have a mirror port on every EWC.

Volker