I have the following extreme switches running layer 2 and layer 3 for our organisation:
X670 G1 Firmware 188.8.131.52
X670 G2 Firmware 184.108.40.206
What is my easiest option for capturing layer 3 conversations from a source IP range?
I'd like to know what hosts in our DMZ are communicating to internal servers, so basically just capture anything with a source of x.x.x.x/27
Perhaps something like remote mirroring the inbound ISP ports to a Linux machine running TCPDUMP to capture, or a windows box running wireshark with a filter?