11-16-2010 02:52 PM - edited 03-11-2019 12:10 PM
I have a ASA 5510 interface Ethernet0/0 connected to the outside world.
We have Servers in our inside zone (NOC) and 2 GRE tunnels talking to 2 different Data Centers across 2 different sites.
We want to monitor the NOC traffic and 2 different DC traffic. Is it possible to the break out of traffic in the outside that’s leaving the NOC and 2 data centers as opposed to going between servers in the zone?
-NG
11-16-2010 05:29 PM
These two GRE tunnel destination will be different. So, can't you use your monitoring server to monitor two diff. destination IP addresses?
What monitoring server are you using?
-KS
11-17-2010 07:07 AM
We have Voice/Data traffic going to the 2 DC via outside interface. Is it possible to separate the two traffic on ASA (outside).
Like to separate the video traffic passing between the servers.
-NG
11-17-2010 07:36 AM
I am not sure at what level you want to monitor. Syslog monitors or records communications at a high level. Using the capture command can give you more detail. Depending on the type of traffic, the ASA capture may not be able to give you exactly what is happening. If the traffic is encapsulated and/or encrypted.
brief capture option
create access-list defining source and destination of traffic you want to see
capture
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide