We have site to site vpn connectivity with our client. We have ASA 5510 and client side they are using juniper firewall. We are facing frequent disconnection in vpn, the applications we are using through vpn tunnel go unresponsive frequently. i need to capture vpn related packets to troubleshoot further. Can anyone tell me which is the best to way to caputure packets. Through syslog or ASA packet capturing? kindly advise and tell me procedure to configure. Thanks in advance.
The best way is to use (conditional if needed) debugging and ISAKMP capture (not regular one).
debug crypto isa 127
debug crypto ipsec 127
should be more than enough
cap IKE type isakmp int NAME_OF_INTERFACE
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: