Siemens Industry Online Support
Siemens AG
Entry type: FAQ Entry ID: 67474108, Entry date: 08/01/2019

How do you configure the "Port Mirroring" function in the Industrial Ethernet switch SCALANCE X in order to monitor data transfer at a SCALANCE X port?

  • Entry
  • Associated product(s)
This entry describes how to configure the "Port Mirroring" function in the Industrial Ethernet switch SCALANCE X in order to monitor data transfer at a SCALANCE X port.

In this example we monitor the data transfer at Port 3 of an IE switch. Using a network protocol recording you can monitor the messages sent and received by an S7-1200 CPU connected to Port 3. You can use the Wireshark tool installed on a SIMATIC Field PG to do the network protocol recordings. In order to be able to analyze the data traffic at Port 3 of the IE switch using network protocol recording, you connect the SIMATIC Field PG also to the IE switch, at Port 8, for example, and mirror the data traffic from Port 3 to Port 8 (Port Mirroring).

Fig. 1
Instructions for SCALANCE X-200, X-200IRT, X-300 and X-400
To set the "Port Mirroring" function you open the "Switch" menu in the Web Based Management of the IE switch:
  • Enable the "Monitoring Enable" function.
  • For "Mirrored Port" you specify the port to be monitored:
    Port 3, for example, to which the S7-1200 CPU is connected.
  • For "Mirrored Port" you specify the port

    at which data traffic of the "Mirrored Port" is to be mirrored:
    Port 8, for example, to which the SIMATIC Field PG is connected.

Fig. 2

Instruction for SCALANCE XB-200, XC-200, XF-200BA, XP-200, XR-300WG, XM-400 und XR-500
To set the "Port Mirroring" function you open the "Layer 2 > Mirroring" menu in the Web Based Management of the IE switch.

In the "General" tab you create a Mirroring Session:

  1. Enable Mirroring.
  2. Click the "Create" button to create an entry in the table. The session ID is assigned automatically.
  3. Select "Port Based" (port-based mirroring) for the Session Type.
  4. Click the "Set Values" button.
  5. Select the Monitor Port, "P0.8", for example.
  6. Click the "Set Values" button to save and enable the selected settings.
  7. Switch to the "Port" tab to make more detailed settings for the session ID.

Fig. 3

In the "Port" tab you configure the Mirrored Port:

  1. With SCALANCE XM-400, for example, you can create multiple sessions. In this case, you must first select the session ID in order to make the table visible in the "Port" tab. In the "Session ID" drop-down list box you select the session that you created previously in the "General" tab.
  2. In the table you click in the options of the line behind the port to be mirrored, "P0.3", for example. Here you can choose whether you want to monitor ingressing or egressing packets. To monitor all the data traffic of a port you have to select both options.
  3. Click the "Set Values" button.

Fig. 4

  • A ring port cannot be used as Monitor Port.
  • After setting the "Port Mirroring" function in the SCALANCE X you can use the Wireshark tool to do network protocol recording.
  • "Port Mirroring" does not mirror discarded messages. For complete diagnostics you need a SCALANCE TAP, SCALANCE TAP104, for example.
  • If multicast and broadcast message are displayed double in the trace, you must go to "Layer 2 > VLAN > General" and change the Monitor Port from "U" to "-". In this way the port is not operated by the switch and only the messages of the "Port Mirroring" arrive. Otherwise the message is delivered via the port and "Port Mirroring".

Further Information
Detailed information about Industrial Ethernet switches is available in the following manuals.

ManualEntry ID 
SCALANCE X-200 Configuration Manual63203259 
SCALANCE XB-200 / XC-200 / XF-200BA / XP-200 / XR-300WG Web Based Management Configuration Manual109762837 
SCALANCE X-300/X-400 Configuration Manual109757297
SCALANCE XM-400/XR-500 Web Based Management Configuration Manual109760840 
SCALANCE X-500 Web Based Management Configuration Manual67428305 

Table 1

Additional Keywords
Port mirroring

Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit