
Capture traffic going over specific L2L VPN tunnel on ASA

jason.williams
Level 1

We have a VPN tunnel that is configured to permit entire subnets. When looking at the SA, it only shows the subnets as connected, not individual hosts.

Is there any way to capture traffic going over a single tunnel? Or somehow find out which tunnel a specific host may be using?

Thanks.

Jason

1 Reply

Dear Jason,

You can use the "show crypto ipsec sa" command, as it displays all the current SAs.

Then you look for the network/host entry; this SA will have a specific crypto map seq number and peer IP address.

Keep me posted.

* Please rate any post you find helpful.
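
The lookup described in the reply, as an added example that is not part of the original posts: it parses saved "show crypto ipsec sa" output and reports the crypto map seq number and peer of every SA whose subnets cover a given host. The sample output is constructed with documentation addresses, and the names `parse_sas` and `tunnels_for` are hypothetical.

```python
import ipaddress
import re

# Constructed sample laid out like ASA "show crypto ipsec sa" output
# (documentation address ranges, not taken from the thread).
SAMPLE = """\
interface: outside
    Crypto map tag: outside_map, seq num: 10, local addr: 203.0.113.1
      local ident (addr/mask/prot/port): (10.1.0.0/255.255.0.0/0/0)
      remote ident (addr/mask/prot/port): (192.168.50.0/255.255.255.0/0/0)
      current_peer: 198.51.100.7
      #pkts encaps: 1024, #pkts encrypt: 1024, #pkts digest: 1024
    Crypto map tag: outside_map, seq num: 20, local addr: 203.0.113.1
      local ident (addr/mask/prot/port): (10.1.0.0/255.255.0.0/0/0)
      remote ident (addr/mask/prot/port): (172.16.8.0/255.255.252.0/0/0)
      current_peer: 198.51.100.99
      #pkts encaps: 7, #pkts encrypt: 7, #pkts digest: 7
"""

TAG = re.compile(r"Crypto map tag: (\S+), seq num: (\d+)")
IDENT = re.compile(r"(local|remote) ident \(addr/mask/prot/port\): \(([\d.]+)/([\d.]+)/")
PEER = re.compile(r"current_peer: ([\d.]+)")

def parse_sas(text):
    """Return one dict per SA: map, seq, local/remote networks, peer."""
    sas = []
    for line in text.splitlines():
        if m := TAG.search(line):
            sas.append({"map": m.group(1), "seq": int(m.group(2))})
        elif sas and (m := IDENT.search(line)):
            net = ipaddress.ip_network(f"{m.group(2)}/{m.group(3)}", strict=False)
            sas[-1][m.group(1)] = net
        elif sas and (m := PEER.search(line)):
            sas[-1]["peer"] = m.group(1)
    # Drop any entry that is missing a field (truncated or unexpected output).
    return [sa for sa in sas if {"local", "remote", "peer"} <= sa.keys()]

def tunnels_for(text, host, other=None):
    """(seq, peer) of SAs whose subnets cover host and, if given, the far end."""
    h = ipaddress.ip_address(host)
    o = ipaddress.ip_address(other) if other else None
    hits = []
    for sa in parse_sas(text):
        for near, far in (("local", "remote"), ("remote", "local")):
            if h in sa[near] and (o is None or o in sa[far]):
                hits.append((sa["seq"], sa["peer"]))
                break
    return hits

if __name__ == "__main__":
    print(tunnels_for(SAMPLE, "10.1.5.20"))                # both SAs share the local subnet
    print(tunnels_for(SAMPLE, "10.1.5.20", "172.16.9.4"))  # one SA once the far end is known
```

When several tunnels share the same local subnet, the host address alone matches all of them; the destination of the flow is what narrows it to one SA.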
