More packet captures on the ASA. Sometimes you just have to know how far the packet is getting. This time its across a VPN. I need to see what the packets actually are getting across, and not just look at the counters. Im trying to see if one DNS server is sending traffic back. Yep, the 192.168.1.100 DNS server is sending traffic back. I see this on the inside interface of the ASA. Looks good.
ASA# sh capture
capture capin type raw-data access-list 191 interface inside [Capturing - 28987 bytes]
ASA# sh capture capin
143 packets captured
1: 14:03:29.546663 192.168.1.100.53 > 192.168.5.64.54137: udp 373
2: 14:24:47.714761 192.168.5.64.61552 > 192.168.1.100.53: udp 55
3: 14:24:47.717064 192.168.1.100.53 > 192.168.5.64.61552: udp 55
4: 14:24:47.931943 192.168.5.64.53348 > 192.168.1.100.53: udp 35
5: 14:24:47.932340 192.168.1.100.53 > 192.168.5.64.53348: udp 90
6: 14:24:47.970271 192.168.5.64.50397 > 192.168.1.100.53: udp 32
7: 14:24:47.970683 192.168.1.100.53 > 192.168.5.64.50397: udp 79
8: 14:24:48.015196 192.168.5.64.63238 > 192.168.1.100.53: udp 45
9: 14:24:48.015853 192.168.1.100.53 > 192.168.5.64.63238: udp 98
10: 14:24:48.059841 192.168.5.64.64395 > 192.168.1.100.53: udp 39
11: 14:24:48.090159 192.168.1.100.53 > 192.168.5.64.64395: udp 39
12: 14:24:48.135307 192.168.5.64.62142 > 192.168.1.100.53: udp 42
13: 14:24:48.136025 192.168.1.100.53 > 192.168.5.64.62142: udp 111
14: 14:24:48.172140 192.168.5.64.52743 > 192.168.1.100.53: udp 35
15: 14:24:48.174566 192.168.1.100.53 > 192.168.5.64.52743: udp 110
...
143 packets shown
ASA#
No comments:
Post a Comment
Your comment will be reviewed for approval. Thank you for submitting your comments.