Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3933
Views
5
Helpful
4
Replies

how to see asa vpn S2S traffic?

baselzind
Level 6
Level 6

‎11-11-2019 03:35 AM - edited ‎02-21-2020 09:41 AM

i have a asa 5515 v 9.1 , i have a S2S vpn IKEv1 and IKEv2 which i need to check packets going through it and what packets getting dropped through it , how can i do that? i cant seem to get anything through asdm real-time log viewer?

0 Helpful
4 Replies 4

Rob Ingram
VIP
VIP

‎11-11-2019 03:50 AM

Hi,

From the CLI use the command "show crypto ipsec sa" and confirm the encaps and decaps counters are increasing to confirm traffic is being sent/received over the VPN tunnel successfully. You can also use packet capture to confirm traffic is sent/received.


Do you have an ACL or VPN Filter that could be blocking traffic over the tunnel? If so enable logging and view the output

 

HTH

0 Helpful

baselzind
Level 6
Level 6
In response to Rob Ingram

‎11-11-2019 03:51 AM - edited ‎11-11-2019 03:57 AM

no i want to see the actual incoming and outgoing packets and the ports not just the counters , i tried real time logging but it wont show the vpn traffic

0 Helpful

Rob Ingram
VIP
VIP
In response to baselzind

‎11-11-2019 04:01 AM

Ok, do you have logging enabled? Post your configuration.
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card