Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
445
Views
0
Helpful
1
Replies

ASA Delayed Packet Capture logs

matt.hickey1
Level 1
Level 1

‎09-11-2015 09:28 AM - edited ‎03-11-2019 11:35 PM

Hello all,

I was doing some captures on an ingress ASA and an egress ASA during testing at my company and encountered something strange.  While we were testing, the captures I had configured (verified as correct by two of my senior engineers) weren't capturing any traffic.  Yet, at the same time, a "sh conn | i x.x.x.x" showed the established TCP connection.  The captures ended up showing packets from the test a whole 2 hours after they were configured, without us changing anything in the configuration.  Would there be any reason for ASA packet captures to delay logging packets in the buffers?

Thank you in advance for any answers.

Labels:
0 Helpful
1 Reply 1

Vibhor Amrodia
Cisco Employee
Cisco Employee

‎09-12-2015 11:51 AM

Hi,

I am not sure if that is even possible. Did you see some data being transferred for the connections and did you have the correct address information ?

I think try to check with some other traffic and if you are able to recreate this issue ?

Thanks and Regards,

Vibhor Amrodia

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card