Traffic mirroring, also called
port mirroring or
Switched Port Analyzer(SPAN), is to replicate network packets from interface to interface. This article talks about traffic mirroring via pfsense.
I use Vmware Workstation to build the network environment, the network topology is shown as figure below:
- pfsense 2.4.x is installed on a vm, and there are three network adapters attached to it
- WAN: 192.168.116.0/24
- LAN: 192.168.153.0/24
- OPT1: 192. 168.33.0/24, port mirroring all network traffic from
To port mirroring all network traffic from LAN to OPT1, it goes to the pfsense
- configure LAN as one of bridge members
- configure OPT1 as SPAN port
- and save configure
as figure below:
Now all network traffic of LAN is mirrored to OPT1, real time traffic shown as figure below
We can see LAN traffic on OPT1 interface.