cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


261
Views
10
Helpful
6
Replies
Beginner

VPN Traffic for specific client

Hi All,

I have ASA 5510 8.4 Firewall where more than 20 Site to Site VPN Clients are configured on it.

Could anyone please help me how to see the traffic for one Specific Site to Site VPN.

Actually this site to site vpn is always keep droping for every minute. I'm sure its a problem at the other end.

The remaining 19 VPNS are UP and working without any problem.

Please help me how to see the traffic for specific vlan.

More over we dont have any syslog server in our network.

Is their any chance we can check the traffic on the firewall ?

Any help would be highly appreciated.

Regards,

Chinnu.

Everyone's tags (5)
1 ACCEPTED SOLUTION

Accepted Solutions

Re: VPN Traffic for specific client

Hi Chinnu,

In order to verify one single VPN connection, do the following:

1- debug crypto condition peer specific_vpn_peer_IP

2- debug crypto ikev1 190 --> 8.4+

    debug crypto isakmp 190 --> 8.2 & 8.3

3- debug crypto ipsec 190

This will show debugging information for one single VPN connection, so we could narrow down the issue.

On the other hand, to check the statistics of this single tunnel:

show crypto ipsec sa peer specific_vpn_peer_IP

A packet-capture would be required in case that the tunnel remains up, but certain traffic does not seem to flow across.

HTH.

Portu.

6 REPLIES 6
Enthusiast

VPN Traffic for specific client

Packet captures on any of the endpoints will give you some information about the traffic flowing through the tunnel.

Re: VPN Traffic for specific client

Hi Chinnu,

In order to verify one single VPN connection, do the following:

1- debug crypto condition peer specific_vpn_peer_IP

2- debug crypto ikev1 190 --> 8.4+

    debug crypto isakmp 190 --> 8.2 & 8.3

3- debug crypto ipsec 190

This will show debugging information for one single VPN connection, so we could narrow down the issue.

On the other hand, to check the statistics of this single tunnel:

show crypto ipsec sa peer specific_vpn_peer_IP

A packet-capture would be required in case that the tunnel remains up, but certain traffic does not seem to flow across.

HTH.

Portu.

Highlighted
Beginner

Re: VPN Traffic for specific client

Hi Javier,

Many Many Many Thanks and Thanks a Lot aswell..!!!!

Regards,

Chinnu.

Re: VPN Traffic for specific client

You are very welcome!!

Have a good one

Re: VPN Traffic for specific client

Beginner

Re: VPN Traffic for specific client

Thanks Javier..!!!