Session capture on ASA

iholdings — Wed, 13 Mar 2019 01:02:06 GMT

I have an internal host initiating a connection to an external host.

The external host is denying the connection and claiming that it's a mis-configuration on our ASA that's the cause.

The internal host is NATted on the ASA - and we provided that IP to the external host (requirement for connecting).

Is there any way to capture the session data on the ASA to prove/disprove their allegations?

Thanks.

Re: Session capture on ASA

Maykol Rojas — Wed, 18 May 2011 16:36:43 GMT

******* Capture configuration ******

{Enable GUI interface:}

http 0 0 inside

http server enable

{For outside interface:}

access-list capture1 permit ip host host

{For inside interface:}

access-list capture2 permit ip host host

capture tcpin access-list capture1 interface outside

capture tcpout access-list capture2 interface inside

****** To download the files then… *****

Open the browser

https:///capture/tcpin/pcap

https:///capture/tcpout/pcap

Note:

Username: blank = no name

Password: {enable password}

********* To delete them *********

clear access-list capture1

clear access-list capture2

no capture tcpin

no capture tcpout

********** End *********.

Hope it helps.

Mike