You can configure port mirroring on the SonicWALL NSA 2400MX to send a copy of network packets seen on one or more switch ports (or on a virtual local area network [VLAN Broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2). VLANs allow network administrators to group hosts together, even if the hosts are not on the same network switch.]) to another switch port, called the mirror port. By connecting to the mirror port, you can monitor the traffic passing through the mirrored ports.

To create a new port mirroring group

1. Go to Switching > Port Mirroring.
2. Click New Group.
3. In the Edit Mirror Group dialog box, enter a descriptive name for the group into the Interface Group Name field.
4. For Direction, select one of the following:
   • ingress — Monitors traffic arriving on the mirrored ports.
   • egress — Monitors traffic being sent from the mirrored ports.
   • both — Monitors traffic in both directions on the mirrored ports.

5. In the All Interfaces list, select the port to use to mirror the traffic, then click the upper right-arrow button to move it to the Mirror Port field.

   You must use an unassigned port as the mirror port.

6. In the All Interfaces list, select one or more ports to monitor, and click the lower right-arrow button to move them to the Mirrored Ports field.

   You will be able to monitor traffic on the mirrored ports by connecting to the mirror port.

7. Select the Enable checkbox to enable port mirroring for these ports.
8. Click OK.

See the Knowledge Base article on the vendor website to learn more about configuring port mirroring on SonicWall devices.