01-16-2012 01:35 AM
Guys,
I've just added a external server ip address to go through our vpn tunnel and then out the remote site internet connection.
How can I check that this is the path the packet is taking?
If I do a tracert then I can't see the path?
Thanks
01-16-2012 01:30 PM
Well, you could either monitor your logs on your VPN device (whatever that may be - not specified), as long as you have the appropriate logging level.
For a traceroute, assuming there's a routing device on the other end of the tunnel you would traverse, you should be able to see the last hop on your end being your VPN device, and then the router or the destination host, as the next hop (and that would indicate you're 'in' the tunnel).
A third option, and more challenging, is having a packet sniffer that knows the PSK, or has the ability to decrypt the session, and analyze the traffic from Wireshark or another packet analysis tool.
HTH!
-Chris
01-16-2012 06:58 PM
You can use the packet tracer tool either from ASDM or cli to validate the flow through the ASA
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide