Hi
I am testing a Palo Alto device and I am trying to configure up a span port on the 8024f I have.
This port needs to see all the traffic on the switch
I can't use mirror port as is only mirrors 1 port and no one port has all the traffic
I tried something like this
interface Te2/0/21
description "SPAN port on PA-3020"
spanning-tree disable
spanning-tree portfast
mtu 9216
switchport mode trunk
but its not seeing all the traffic.
I found the ability to mirror a flow but I haven't been able to get it to work
no policy-map PA-span
no class-map CM-all
class-map match-all CM-all ipv4
!! if i have the below enable I can't assign it to any ports
!!match any
exit
policy-map PA-span out
class CM-all
mirror Te2/0/21
exit
exit
if I try an assign any match to the class-map it fails
what I would like is every outbound packet to be mirrored to te2/0/21
I think its possible. But having a hard time getting it working