Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
267
Views
0
Helpful
1
Replies

Constant WAN (light) activity but nothing in the logging trap (even on debug)

alceryes3
Level 1
Level 1

‎02-29-2016 08:25 AM - edited ‎03-05-2019 03:27 AM

ASA 5505, 9.1.4

I few days ago I noticed continual activity on my WAN interface light. It's definitely coming from the outside as my cable modem activity light is also blinking consistently. This has happened previously with brute force attacks on my FTP but this is different as I don't see anything in the logs, even on debug mode.

I am very much a novice at ASA and IOS configurations and am wondering, if I'm doing certain policy-map inspections (ICMP), will they still show up in logging? It doesn't seem that any of this 'activity' traffic is making it's way to my inside interface as 99% of the time my WAN port is the only one blinking.

TIA!

Labels:
0 Helpful
1 Reply 1

Philip D'Ath
VIP Alumni
VIP Alumni

‎03-01-2016 11:07 PM

Install WireShark onto a machine.  Unplug the ASA and plug the cable modem directly into your machine (assuming it is just running normal IP and not PPPoE or something else).  Start WireShark doing a capture, and see kind kind of traffic it is.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card