IDSM-2 Packet Capture - Only Seeing Uni-Directional Traffic
To whom it may concern,
Good day; I hope everyone's week is going well thus far. I have a question regarding packet captures on an IDSM2. Often times when I perform a capture on an IDSM2, I only seeing one-side of the traffic; for example, I only see the return traffic from the destination. See below for an example; I attempted to ping an asset on the other side of the IPS sensor and I only see the echo reply traffic; not the echo request traffic originating from my workstation.
I see this when I capture through the CLI or IDM. Has anyone else seen this as well? Is there a trick to ensuring I am capturing the traffic bi-directionally? Thank you!
iull03m-1# packet display gigabitEthernet0/7 expression vlan 3 and host 10.xx.251.209
Warning: This command will cause significant performance degradation
tcpdump: WARNING: ge0_7: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ge0_7, link-type EN10MB (Ethernet), capture size 65535 bytes
16:59:18.574409 IP 10.xx.59.34 > 10.xx.251.209: ICMP echo reply, id 512, seq 38677, length 40
16:59:19.576836 IP 10.xx.59.34 > 10.xx.251.209: ICMP echo reply, id 512, seq 38933, length 40
IntroductionFeatured AuthorLive QuestionsQ: In this digital era, how do you differentiate between IT and Cybersecurity? Could you please share your thoughts on this.Q: On a Cyber Security point of view which is the right way to go - CCNP Security or Cyber...
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...
There has been a lot of grey area when one needs to get started with ISE or when one does not have any specific background.Could you please guide me to what are the thing that one needs to know inside out and what are the things which require only a minim...
Hello Guys, I'm trying to create a simple script to create new objects on FMC via API, but I'm facing issues(Python 3.8). Script(that pretty simple, I'm not programmer, but I'm trying): import base64import sysimport requestsimport reimport ...
NetSec YouTube Channel
The NetSec Team is adapting our content delivery methods to enable our stakeholders to get the information they need from the places they frequent the most. YouTube is the go-to place for billions of users to learn about tech...