cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

525
Views
5
Helpful
0
Replies
Highlighted
Beginner

ASA - Packet sniffer between S2S tunnels.

Hi, I am currently working on a topology where an ASA device (Headquarter device, lets call it site A) has three tunnels, one tunnel to AWS, and two tunnels to connect with two branch offices (each branch also has an ASA device), lets call them site B and site C. So, when someone connected from a branch office needs to connect to SAP servers placed in AWS, the traffic pass trough the branch -> Headquater, and then trough Headquarter -> AWS. 

Users connected from Site A and Site B are able to connect to AWS without problems, but users connected from Site C don't. Take in mind that all the traffic gets translated using a NAT in the Headquarter ASA (Site A) before going to AWS, and I can see the traffic in syslog and the users's original IPs getting translated in Site A. 

My question is, is there a way to capture traffic in Site A if traffic comes in and comes out using the same interface (Outside interface) and it is all encrypted? I can see some traffic in syslog but not when trying to get captures through CLI (I suppose that it is due to traffic encrypten going in and out through interfaces). Thanks.

 

0 REPLIES 0
Content for Community-Ad