Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1407
Views
5
Helpful
2
Replies

Not capturing traffic on both Egress and Ingress interfaces question

CiscoBrownBelt
Level 6
Level 6

‎08-31-2020 01:25 PM

So I have an issue with a server and host failing on the SYN/ACK (server replies to SYN, however host never receives the SYN/ACK). I only always capture traffic on either the Ingress or Egress interace but not both when just filtering using the host IP. Would this just be because there is no full 3-way handshake traffic as I usually don't change source or destination IPs when setting up a packet capture filter - I use the same IPs for both ingress and egress interfaces that I want to capture traffic on. 

0 Helpful
2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-31-2020 11:02 PM

If you use the packet capture wizard in ASDM it will create both capin and capout captures and show you the traffic on both ingress and egress sides of the firewall.

CiscoBrownBelt
Level 6
Level 6
In response to Marvin Rhoads

‎09-01-2020 06:26 AM

That's what I use but for some strange reason it is never showing anything for both interfaces. I leave the source subnet to capture let's say 10.10.10.0 255.255.255.0 and destination 0.0.0.0 for both ingress and egress. Only when I just swap the ingress and egress interfaces, it will show the data on the other interface that was not shown, but now not the other. Strange. I am also positive that those are the proper interfaces the traffic is routed.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card