11-11-2019 03:35 AM - edited 02-21-2020 09:41 AM
i have a asa 5515 v 9.1 , i have a S2S vpn IKEv1 and IKEv2 which i need to check packets going through it and what packets getting dropped through it , how can i do that? i cant seem to get anything through asdm real-time log viewer?
11-11-2019 03:50 AM
Hi,
From the CLI use the command "show crypto ipsec sa" and confirm the encaps and decaps counters are increasing to confirm traffic is being sent/received over the VPN tunnel successfully. You can also use packet capture to confirm traffic is sent/received.
Do you have an ACL or VPN Filter that could be blocking traffic over the tunnel? If so enable logging and view the output
HTH
11-11-2019 03:51 AM - edited 11-11-2019 03:57 AM
no i want to see the actual incoming and outgoing packets and the ports not just the counters , i tried real time logging but it wont show the vpn traffic
11-11-2019 04:01 AM
11-12-2019 10:34 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide