My company have a network infrastructure based on Multilayer switches.
We need to make some tracking on RDP (TCP 3389) trafic and logging to Syslog server.
- I have created a match access-list :
access-list 110 permit tcp any any eq 3389
- I have specified a Syslog server with the logging host commande line.
- When I tried to debug with :
debug ip packet 110 detail
I can't see any RDP trafic matched, even if many terminal server sessions (using RDP) are opened.
Any help please.