Yes, when I try to configure a mirror endpoint at the destination switch, which is a 5412R chassis switch, running AOS, it does ask for a UDP encapsulation port.
It seems incredibly short sighted for the CX platform to not support a UDP tunnel. It's almost as if they only want this to work on a CX to CX basis.
If there's something I'm missing, I really could use an assist here.
-------------------------------------------
Original Message:
Sent: Sep 03, 2025 09:01 AM
From: thomasbnc
Subject: Remote port mirroring from 6400 CX to 5412R AOS switch
Hi
Edit:
Maybe this video here helps to understand the capabilities of AOS-CX:
https://www.youtube.com/watch?v=f9Mj0-uLHU8
I noticed that AOS-S switches seem to use UDP encapsulation for remote mirror setups whereas AOS-CX switches uses GRE tunnels. So, this may not be compatible. Personally, I never tested your exact case, however, ERSPAN with GRE tunnels works quite well and may be a solution for you but a different one.
Regards,
Thomas
Original Message:
Sent: 9/3/2025 8:49:00 AM
From: HornAlum
Subject: Remote port mirroring from 6400 CX to 5412R AOS switch
We currently are mirroring all phone system traffic on a particular VLAN from one end of our campus, where our Police Department resides, to our dispatch station on the opposite end of campus, where the PD have a particular recording system setup. We have a successfully done this for years with the AOS style system of 5412ZL2's to the newer 5412R switches. However, we are in the middle of a switch refresh. I have to replace the source traffic switch this year, and replace the receiving switch of the mirror traffic in a latter year. I need to know if a CX switch can properly mirror vlan traffic to a AOS switch
Current config
Source Switch:
class ipv4 "Mirror1Class"
10 ignore ip 10.22.38.1 0.0.0.0 0.0.0.0 255.255.255.255
15 ignore ip 0.0.0.0 255.255.255.255 10.22.38.1 0.0.0.0
20 ignore ip 10.22.39.255 0.0.0.0 0.0.0.0 255.255.255.255
25 ignore ip 0.0.0.0 255.255.255.255 10.22.39.255 0.0.0.0
30 match udp 10.22.38.0 0.0.1.255 gt 1024 10.0.0.0 0.255.255.255 gt 1024
35 match udp 10.0.0.0 0.255.255.255 gt 1024 10.22.38.0 0.0.1.255 gt 1024
40 match tcp 10.22.38.0 0.0.1.255 range 1718 1720 10.0.0.0 0.255.255.255
45 match tcp 10.0.0.0 0.255.255.255 10.22.38.0 0.0.1.255 range 1718 1720
exit
mirror 1 name "Mirror1" remote ip 10.28.22.36 31901 10.18.11.72
policy mirror "Mirror1Policy"
10 class ipv4 "Mirror1Class" action mirror 1
exit
vlan 2238
name "voice"
tagged A1-A24,B1-B21,C1-C24,D1-D21,Trk2
no ip address
qos dscp 101110
voice
service-policy "Mirror1Policy" in
exit
Destination traffic switch
mirror endpoint ip 10.28.22.36 31901 10.18.11.72 port A1
-------------------------------------------