cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1278
Views
5
Helpful
6
Replies

How can I see what packets are traversing a VPN in an ASA 5510 8.2 ?

frazreid2
Level 1
Level 1

Hi All

I would like to see the packets traversing an IPSec connection I have running.

The ACL has following

From 10.0.0.0/8 to 192.168.0.0/16

but I would like to know exactly what is going over this VPN.

Can I do this just using the ASA and its tools ?

Cheers

Fraser

6 Replies 6

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

If you have logs going to a Syslog server you could go through the logs from a longer perioid of time. This might require certain of logging to see what connection has been formed through the firewall.

You could also configure packet capture on the firewall itself to capture the traffic between those networks (would have to do this on the firewall LAN interface) and then see what type of connections are being initiated and from which end of the L2L VPN.

Packet capture with a separate computer in between would naturally provide chance to save more capture data. ASA has limitations to buffer size but is pretty easy and fast to configure.

- Jouni