Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
488
Views
0
Helpful
1
Replies

Wireshark Analysis

QUARK TARO
Level 1
Level 1

‎05-31-2017 05:57 AM - edited ‎03-03-2019 08:34 AM

I am capturing the traffic for a particular system using span port. My wire shark analysis shows a flood of communication with source and destination IP listed but these two IP's (source or destination) does not belong to the system I monitor. The coloring of the traffic is RED meaning TCP RST.

Any guess why point to point communication is reaching this particular system where as source and destination IP does not belong to the system?

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-01-2017 08:09 AM

It could be any number of things.

Can you share the span setup and some details about the connected hosts' addresses vs. what you are seeing?

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card