Re: vpn packet capture

elite2010 · ‎03-19-2020

Hi,

If I want to capture the vpn traffic for troubleshooting purpose

from the server to the client ,does it show the unencrypted traffic ?

Thanks

johnd2310 · ‎03-19-2020

Hi,

If you need to troubleshoot traffic between the server and client, then you will need to capture the unencrypted traffic e.g. if you are doing the capture on the asa, then you would capture on the inside interface towards the server.

Capturing the encrypted traffic will not show the client-server traffic. You would capture the encrypted traffic if your were troubleshooting the vpn.

Thanks

John

**Please rate posts you find helpful**

elite2010 · ‎03-20-2020

Hi,

If I capture on the inside interface will it show the decrypted traffic?

What If I capture from the server will it show the decrypted traffic ?

I have an issue ,

when I am capturing on the remote client , it shows the reply from the client

but at the same time on the server inside there is no trace for this traffic (wireshark capture ) .

How this happen

Thanks

johnd2310 · ‎03-20-2020

Hi,

You can span a port on the switch the Inside interface is connected to.
You can capture on the asa firewall using the capture command.

If you are not seeing client traffic on the server, then you could be having routing issues. Can you ping the server from the client?

Thanks

John

**Please rate posts you find helpful**

elite2010 · ‎03-20-2020

Hi

Yes I can ping the client from the server

Thanks