Wondering if someone can help.
I've created an access-list to check debugging but although I can successfully rdp 172.18.0.195 no logs show up on the switch.
Terminal monitor and logging monitor debug enabled.
DSLWLQ1#sh ip access-lists
Extended IP access list 199
permit tcp any host 172.18.0.195 eq 3389
IP packet debugging is on for access list 199
The first thing that I would want to check is what port on the router the traffic arrives on for RDP and what port on the router the traffic leaves on for RDP (to destination 172.18.0.195).
The second thing that might affect it is whether traffic is being CEF or fast switches. To take care of this I would configure under the interface where traffic arrives and also under the interface where traffic leaves the command:
no ip route-cache
this will force process switching of the traffic and will give debug a chance to report the traffic.
[note] after the debug is completed remember to restore the switching path on the interfaces with ip route-cache.
No ip route-cache was already enabled on interface vlan 18 (It's a 2950 layer 2) but not on vlan 30.
It's doesn't even work for icmp packets but I reckon it's probably related to fast switching.
I can't play around too much on prod env.
I believe that it has more to do with the device being a 2950. As a layer 2 switch I do not believe that it has much capability to debug layer 3 IP processing. If you want to debug the RDP traffic I suggest that you do the debug on whatever layer 3 device is providing the routing between the source and the destination. (and if the source and the destination are in the same subnet then I do not know that debug will see it at all)
Thanks for that. I've tried debugging on layer3 switches at both ends (source and destination).
No success but it could be related to no ip route-cache.
If you are looking to view traffic traversing a switch you need a packet sniffer (Wireshark is free) and you need to set up a monitor port. Lookup the monitor configuration command for the 2950. Pick a port that you will plug your sniffer into and the port you want to see the traffic traverse. Be sure to create a bidirectional monitor.