CISCO-ASA - Traffic Capture Setup

Configure The Capture Filter

Start the packet capture process with the capture command in privileged EXEC mode. In this configuration example, the capture named capin is defined. Bind it to the inside interface, and specify with the match keyword that only the packets that match the traffic of interest are captured:

ASA# capture capin interface <INTERFACE> match ip 192.168.10.10 255.255.255.255 203.0.113.3 255.255.255.255

Similarly, the capture named capout can be defined. Bind it to the outside interface, and specify with the match keyword that only the packets that match the traffic of interest are captured :

ASA# capture capout interface <INTERFACE> match ip 192.168.10.10 255.255.255.255 203.0.113.3 255.255.255.255

Get the Capture

ASA# show capture

Or :

# ASA# show capture capin

To Stop

ASA# no capture capin interface inside match ip 192.168.10.10 255.255.255.255 203.0.113.3 255.255.255.255

Clear Capture

Enter the clear capture /all command in order to clear the buffer for all captures :

ASA# clear capture /all

Anonymous

Search

CISCO-ASA - Traffic Capture Setup

Namespaces

More

Page actions

Contents

Configure The Capture Filter

Get the Capture

To Stop

Clear Capture

Navigation

Navigation

Wiki tools

Wiki tools

Anonymous

Search

CISCO-ASA - Traffic Capture Setup

Configure The Capture Filter

Get the Capture

To Stop

Clear Capture

Navigation

Wiki tools

Page tools

Categories