cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1049
Views
0
Helpful
4
Replies

How do I trace traffic source?

alanmsv1234
Level 1
Level 1

I have a site-2-site IPSec vpn between an 1801 ISR and an ASA 5510. Monitoring the vpn on the ASA, I see there is constant traffic on it, when I would have expected only intermittent traffic. How can I trace what is actually causing traffic to cross the vpn? I suspect something at the ISR end is sending packets to the ASA network, but how can I find out what?

Cheers

1 Accepted Solution

Accepted Solutions
4 Replies 4

Martin Bosch
Level 1
Level 1

Hi,

I don't have a Netflow box, and it looks very complicated!!

What I really need is a simple metod of tracing the source IP of traffic going through the VPN.

Found the answer: Packet capture wizard in the ASA can track all packets between any interface or IP address/range. By capturing from the source subnet, then sending the output to Wireshark, the culprit is revealed.

Cool

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: