Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Capture traffic going over specific L2L VPN tunnel on ASA

We have a VPN tunnel that is configured to permit entire subnets.  When looking at the SA, it only shows the subnets as connected, not individual hosts.

Is there any way to capture traffic going over a single tunnel?  Or somehow find out which tunnel a specific host may be using?

Thanks.

Jason

1 REPLY

Re: Capture traffic going over specific L2L VPN tunnel on ASA

Dear Jason,

You can use the "show crypto ipsec sa" command  as it displays all the current SA's.

Then you look for the network / host entry, this SA will have a specific crypto map sec number and peer IP address.

Keep me posted.

* Please rate any post you find helpful.

634
Views
0
Helpful
1
Replies
CreatePlease to create content