Introduction
Cisco ASA packet capture and PIX firewall have a very nice feature set to capture traversing via the Firewall. This is quite a useful utility in operation and troubleshooting.
To capture traffic on a Cisco ASA or PIX Firewall the capture command can be used.
BELOW IS STEP BY STEP PROCEDURE TO ENABLE PACKET CAPTURE FOR RESPECTIVE TRAFFIC TYPE –
We want to capture traffic from/to host 192.168.0.1 located behind the DMZ interface.
Using access list is recommended as it is used to filter interesting traffic (Specific traffic capture we want to analyze) :
ASA(config)# access-list CAPTURE permit ip any host 192.168.0.1
ASA(config)# capture cap1 access-list CAPTURE interface dmz
capture cap1 access-list CAPTURE interface dmz
show capture cap1 detail
show capture cap1 dump
Continue Reading:
CISCO ASA FIREWALL INTERVIEW QUESTIONS
ABOUT THE AUTHOR
I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”
I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.
I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)
