Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Packet capture for IKE and IPsec traffic failing

I have a packet capture on a Cisco 891 router configured with the following settings. It does not capture any packets. Anyone see what I have incorrect?

IP of the Hub or Head End side 66.179.xx.xx

IP of the 891 or spoke side 187.144.33.144

I apply the following to the spoke router.

ip access-list extended BUF-FILTER1234
    permit ip host 66.179.xx.xx host 187.144.33.144
    permit ip host 187.144.33.144 host 66.179.xx.xx

monitor capture buffer BUF1234 size 2048 max-size 1518 linear
monitor capture buffer BUF1234 filter access-list BUF-FILTER1234
monitor capture point ip cef POINT1234 dialer2 both
monitor capture point associate POINT1234 BUF1234

I then start the capture:

monitor capture point start POINT1234

2055951: Aug 26 22:45:51.327 UTC: %BUFCAP-6-ENABLE: Capture Point POINT1234 enabled.
Store_85000#

Wait a length of time and look at the dump and nothing.

Store_85000#show monitor capture buffer BUF1234 dump
Store_85000#

 

Everyone's tags (1)
1 REPLY
New Member

can you try ESP protocol

can you try ESP protocol instead of IP. the vpn traffic gets encapsulated into an ESP packet. ALso, UDP 500 and/or UDP4500 might also help.

471
Views
0
Helpful
1
Replies