I would like to setup a SPAN port on my outside interface on the ASA 5505. I would like to see all traffice whether inbound or outbound. Setting up a SPAN port seems pretty straight forward, my question is, if a packet hits the outside interface and is dropped will a copy of the packet still be sent to the SPAN destination? Or does the packet have to actually enter the ASA for a copy of the packet to be sent to the ASA? I've been unable to find a clear answer to this question but I would like to know before configuring the SPAN port. Any help is much appreciated!
SPAN session are only available on the Switches. If you setup an SPAN session on the port where the ASA is connected you should be able to see all the traffic that is leaving/getting to that switchport; so it doesn't matter if the ASA drops the packet; if the switch was able to send it you will see it.
There is also the capture feature on the ASA; you can capture the traffic that gets to the interface of the ASA you are troubleshooting.
Thanks for your reply. According to the link below it looks like this can be done on the ASA 5505, using the "switchport monitor" command, since it has switching capability. Am I understanding this correctly or is there something Im not understanding?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...