Sep 08
1,692
The PIX/ASA can be configured in order to capture packet information like a sniffer that can be later viewed. There are two ways to do this.
In order to capture the packets and later download them to view in ethereal (pcap format), complete these steps:
- Create an access-list in order to match the traffic.
- Apply the capture command.
- Browse to https://device_ip_address /capture/capture_name/pcap.
- Save the file.
- Open file with Ethereal.
Refer to this configuration example:
pixfirewall(config)#access-list 501 extended permit tcp host 192.168.32.24 any
pixfirewall(config)#capture traffic access-list 501 packet-length 1500 interface outside
Open web browser go to https://device_ip_address /capture/traffic/pcap and save the file in order to view it in Ethereal.
In order to capture the packets and then view them in command line with the use of putty, complete these steps:
-
Create an access-list to match the traffic.
-
Apply the capture command.
-
Use show capture command in order to view the capture.
Refer to this configuration example:
pixfirewall(config)#access-list 501 extended permit tcp host 192.168.32.24 any
pixfirewall(config)#capture traffic access-list 501 packet-length 1500 interface outside
pixfirewall(config)#show capture traffic
Tags:asa, command, configuration, configure, create, file, format, hosts, interface, pix, putty, traffic
Liked this article? To continue getting our latest free Howtos and Tutorials,
you can also grab the RSS feed or Subscribe to Techgurulive by Email
you can also grab the RSS feed or Subscribe to Techgurulive by Email
Not Getting
Related postsCisco IOS Software Multiple Features Crafted UDP Packet Vulnerability
How to Build Wireshark from source under UNIX
