Packet capture on Cisco ASA

using the CLI to do packet captures on a cisco ASA

#sh cap     (see if any captures are currently running)
#cap <name of capture> interface <nameif inside> match ip host <scource IP> host <destination IP>
#cap <name of capture> interface <nameif inside> match ip host <scource IP> any
#cap <name of capture> interface <nameif inside> match ip any host <destination IP>

Example:
#cap cap interface inside match ip host 10.10.10.5 host 10.20.20.71
#cap asp type asp-drop all
#cap asp circular-buffer

#Cap Test interface inside match ip 10.20.68.0 255.255.255.0 123.45.67.202 255.255.255.255

To See the capture:
#sh cap cap
#sh cap asp

Dont forget to turn off your packet captures when done:

#no cap cap
#no cap asp

Was this article helpful?

Related Articles

Leave A Comment?

You must be logged in to post a comment.