Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
325
Views
5
Helpful
2
Replies

ASA S2S VPN Troubleshooting Query

georgehewittuk1
Beginner
Beginner

‎07-19-2021 05:37 AM - edited ‎07-19-2021 05:38 AM

Hi Guys,

 

Is there a command/debug/capture for the ASA whereby I can see the decapsulated packets from a site to site VPN. Usually I just capture on the interface it egresses but not getting any hits like it should.

 

Would be good to see what is sent as trying to prove what is being sent from a remote party.

 

Thanks

George

 

Labels:
2 Replies 2

balaji.bandi
VIP Community Legend VIP Community Legend
VIP Community Legend

‎07-19-2021 06:13 AM

use the below troubleshoot guide :

 

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/81824-common-ipsec-trouble.html

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Pawan Raut
Enthusiast
Enthusiast

‎07-21-2021 06:45 AM

use the command "show crypto ipsec sa <PeerIP>" to confirm if you are receiving the decap packets in VPN tunnel

then apply the packet capture on the inside interface of Cisco VPN ASA from which the packet will leave for a destination

 

Please rate for useful post

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents