monitor traffic on ip address

Unanswered Question
Sep 5th, 2009

cisco 2651XM router

IOS: c2600-adventerprisek9-mz.124-15.T8.bin

16port switch NM-16ESW fitted

I want to monitor all traffic on network port f1/14 and output it to a tftp

syslog but I'm I'm only having partial success.

I did:

#debug int f1/14

which seemed to go fine, and then I did:

#logging on

#logging 172.16.1.14 (ip address of the pc running TFTP32)

#logging trap debugging

but I didn't get a proper report in the syslog of the TFTP program, just bits of info. The device I want to monitor is set to 172.16.1.36 (connected to port f1/14) so I tried:

#debug ip tcp packet address 172.16.1.36

and started to see more action but it's still not showing all traffic.

What command should I be using?

thanks for any help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joe Clarke Mon, 09/07/2009 - 10:49

First, TFTP and syslog are two very different protocols. Are you sure your TFTP server also has a daemon bound to UDP port 514 which understands syslog messages?

If so, what data are you receiving in your syslog log? If the debugging output is sufficient for you, and if you have the following configured on your device, you should see everything:

logging trap debug

tonyspcrepairs Tue, 09/08/2009 - 04:55

thanks for your feedback iclarke. The tftp program I use also has a syslog function. I've since discovered that setting 'no-ip route-cache' on ALL the interfaces does the trick.

Actions

This Discussion