View live traffice from specific IP

komputerguy · ‎08-25-2008

How can I view all live traffic coming from a specific IP? I have a L2L tunnel setup and a few IP's on one subnet are not pingable. Trying to find out where it is dying.

wasiimcisco · ‎08-25-2008

you can use ASDM Packet tracer by defining source and destination IP addresses and also use the command line tool capture for this purposes.

make an access-list

recall this access-list in capture command

capture mycapture access-list mylist interface inside/outside.

if help please rate.

komputerguy · ‎08-25-2008

If I am testing just a regular ping how do I do that?

source IP: 172.16.1.1 destination IP: 172.16.55.1

What do I choose for Type, Code, and ID?? I just want it to use a standard ping.

fsmontenegro · ‎08-25-2008

This on an ASA.

access-list cap extended permit ip host 172.16.1.1 host 172.16.55.1

access-list cap extended permit ip host 172.16.55.1 host 172.16.1.1

capture capinside access-list cap interface inside

capture capoutside access-list cap interface outside

then you can use

"show cap capinside" or "show cap capoutside" to see the traffic that was captured.

Naturally, change the interface names if you're using something else.

Farrukh Haroon · ‎08-25-2008

On which device is this?

On the ASA you can either do a capture for this IP, or check the 'show conn det | inc ' command whenever you want to see this IPs connections.

Regards

Farrukh

komputerguy · ‎08-26-2008

This is a PIX 515E I'm using to try and do this with.

Farrukh Haroon · ‎08-26-2008

Ok then you can use the capture command or the show conn suggested earlier.

Regards

Farrukh