Overview

The IntelliShun devices do not have a Monitor Mode setting. The bridge is set to drop packets going through the bridge and report the drops.  You can implement a pseudo monitor mode by feeding traffic into one or both ports of the bridge. 


No devices to drop packets between the Router and Firewall

If you do not have any inline devices between your firewall and router, you can connect a span/mirror port to ETH0 on the device.  This mirror port needs to have both Tx and Rx traffic from either the firewall port or the router port. This will provide the traffic for the device to see and act upon.  The device will drop packets and report it's actions as if traffic was passing through the device. Make sure that ingress traffic is disabled on the mirror port. 


 

One or more Inline devices that can drop packets between Router and Firewall

If you have other inline devices that will drop traffic between the firewall and router, you need to set up two span ports to feed the bridge. Both of these ports need to be Tx only, one from the firewall and the other from the firewall.  This way, the bridge will get the traffic sent from both the firewall and the router and will still see packets that the other inline devices might have dropped. 



 ETH0 location

Port ETH0 on the IntelliShun is the bridge port on the right (last port on device).