09-23-2015 12:25 PM - last edited on 03-11-2019 11:38 PM by NikolaIvanov
Been trying to get packet capture to work but an not sure what addresses to use as doing twice nat for the desired connections.
Rather than experimenting thought I would ask (as well as learn what addresses)
Here is my NAT / object statement
sho run object
object network net-remote
subnet 10.160.0.0 255.255.0.0
object network net-local
subnet 10.110.2.0 255.255.255.0
object network mapped_remote
subnet 192.168.0.0 255.255.0.0
sho run nat
nat (INSIDE,OUTSIDE) source static 10.110.2.1 10.115.50.1 destination static mapped_remote net-remote
thanks
destination host real ip is 10.110.2.1. client access as 10.115.50.1
customer network is 10.160.0.0. we access internally bye 192.168.0.0
09-24-2015 06:27 AM
Duplicate for this:-
https://supportforums.cisco.com/discussion/12614376/packet-capture-asa-s-s-vpn-and-natted-addressing
09-24-2015 10:07 AM
Best way to figure out IPs to use in capture is to just think from your network's perspective that what would be the IP address on a packet when it hits the interface.
So in your case, as you have VPN so you should capture traffic on ingress interface. Use the actual source IP. For destination IP ise the IP that you enter on the source machine for accessing remote machine.
Let us know if you need more information on this.
Thanks,
R.Seth
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide