Cannot get "ap packet-capture" to send traffic to local machine as datasession table shows the packets being denied.
Following commands are run:
ap packet-capture open-port 5555
ap packet-capture ip-addr 11.0.0.14 11.0.0.33 5555 radio 1
Output of following commands:
show rights sys-ap-role (Note this shows 5555 open)
Priority Source Destination Service Application Action TimeRange Log Expired Queue TOS 8021P Blacklist Mirror DisScan IPv4/6 Contract
-------- ------ ----------- ------- ----------- ------ --------- --- ------- ----- --- ----- --------- ------ ------- ------ --------
1 any any sys-svc-gre permit Low 4
2 any any sys-svc-gre permit Low 6
3 any any sys-svc-syslog permit Low 4
4 any any sys-svc-syslog permit Low 6
5 any any sys-svc-snmp permit Low 4
6 any any sys-svc-snmp permit Low 6
7 any any sys-svc-http permit Low 4
8 any any sys-svc-http permit Low 6
9 user any sys-svc-kerberos-tcp permit Low 4
10 user any sys-svc-kerberos-tcp permit Low 6
11 user any sys-svc-smb-tcp permit Low 4
12 any any sys-svc-snmp-trap permit Low 4
13 any any sys-svc-ntp permit Low 4
14 user any sys-svc-ftp permit Low 4
15 user any sys-svc-ftp permit Low 6
16 user any sys-svc-ftp-flbck permit Low 4
17 user any sys-svc-ftp-flbck permit Low 6
18 any user sys-svc-ftp-data-any permit Low 4
19 any user sys-svc-ftp-data-any permit Low 6
20 any user sys-svc-telnet permit Low 4
21 user any sys-svc-am-5555 permit Low 4
22 user any sys-svc-am-5001 permit Low 4
show ap packet-capture status ip-addr 11.0.0.14 (pcap is active)
Packet Capture Sessions at LIVINGROOM, IP 11.0.0.14
---------------------------------------------------
pcap-id filter type intf channel max-pkt-size num-pkts status url target Radio ID
------- ------ ---- ---- ------- ------------ -------- ------ --- ------ --------
1 raw 38:17:c3:8e:de:a0 1 0 9371 in-progress 11.0.0.33/5555 1
show datapath session table 11.0.0.14 (Note that packets are being denyed to my local ip)
Source IP or MAC Destination IP Prot SPort DPort Cntr Prio ToS Age Destination TAge Packets Bytes Flags CPU ID
----------------- --------------- ---- ----- ----- -------- ---- --- --- ----------- ---- ---------- ---------- --------------- -------
11.0.0.101 11.0.0.14 47 0 0 0/0 0 4 0 local 3c 255 49764 FC 7
11.0.0.14 11.0.0.101 17 4500 4500 0/0 0 0 1 0/0/4 48 56 25780 FC 6
11.0.0.101 11.0.0.14 17 8444 8209 0/0 0 0 1 tunnel 11 d 0 0 FYI 6
11.0.0.14 11.0.0.101 17 8211 15301 0/0 0 0 1 local 20 0 0 FYI 6
11.0.0.14 11.0.0.101 17 8209 8444 0/0 0 0 0 tunnel 11 d 0 0 FYCI 6
11.0.0.101 11.0.0.14 17 15301 8211 0/0 0 0 0 local 20 3 1671 FCI 6
11.0.0.101 11.0.0.14 17 8494 8211 0/0 0 0 1 local 16 1 127 FCI 6
11.0.0.14 11.0.0.33 17 5555 5555 0/0 0 0 0 0/0/4 a 385 120046 FDC 7
11.0.0.14 11.0.0.101 17 8211 8494 0/0 0 0 1 local 16 0 0 FYI 6
11.0.0.14 11.0.0.101 47 0 0 0/0 0 40 0 local 3c 90 10508 F 6
11.0.0.101 11.0.0.14 17 4500 4500 0/0 0 0 4 0/0/4 48 9 7045 F 6
Ports are all trusted so no port level acls are enabled. Why is the traffic being denyed to local machine?