Sunday, June 27, 2010

How to trace traffic Source in Cisco ASA 5510?

We have a site-2-site IPSec vpn between an 1801 ISR and an ASA 5510. While monitoring the VPN on the ASA, we found constant traffic on it( expected only intermittent traffic). How can we trace the source that is causing traffic to cross the VPN?

Packet capture wizard in the ASA can track all packets between any interface or IP address/range. By capturing from the source subnet, then sending the output to Wireshark, you can trace the traffic source.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

