Hi Security Experts,
Is there a way we can find out on what all ports the Cisco ASA is allowing/dropping connections between two hosts (each host on a different interface of the firewall)? I am interested in finding out what all requests come from one host (destined towards the other) and on what ports. What did the ASA allow and what did it drop? Is there some easy way to do this? I think we can do it using an ACL, but I don't want to go down that path.
Please let me know if there is some better way to do this.
Capture on the ASA is the only method you can go for to meet your detailed and specific requirement.
Syntax would be
access-list capture1 extended permit ip host <source-ip> host <destination-ip>
access-list capture2 extended permit ip host <destination-ip> host <source-ip>
capture capi1 access-list capture1 interface <ingress-interface>    (the interface on which the traffic enters the ASA)
capture capi2 access-list capture2 interface <egress-interface>     (the interface from which the traffic leaves the ASA)
Please rate this if you find it helpful !!
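To turn the two captures above into the allowed/dropped port list the question asks for, here is an added example (not from the original thread) that compares what entered the ASA on the ingress interface with what left on the egress interface; the capture text is constructed in the tcpdump-like style of `show capture <name>` output, and the addresses and ports are made up for illustration.

```python
import re

# Constructed sample output in the style of `show capture capi1` / `show capture capi2`
# on an ASA ("N: HH:MM:SS.ffffff src.port > dst.port: flags ..."). Values are made up.
CAPTURE_INGRESS = """\
1: 10:15:01.000123 10.1.1.10.51000 > 192.168.2.20.443: S 1000:1000(0) win 8192
2: 10:15:01.000456 10.1.1.10.51001 > 192.168.2.20.22: S 1001:1001(0) win 8192
3: 10:15:01.000789 10.1.1.10.51002 > 192.168.2.20.3389: S 1002:1002(0) win 8192
4: 10:15:01.001000 10.1.1.10.51003 > 192.168.2.20.80: S 1003:1003(0) win 8192
"""

CAPTURE_EGRESS = """\
1: 10:15:01.000130 10.1.1.10.51000 > 192.168.2.20.443: S 1000:1000(0) win 8192
2: 10:15:01.001010 10.1.1.10.51003 > 192.168.2.20.80: S 1003:1003(0) win 8192
"""

# Matches the TCP/UDP form "src.sport > dst.dport:"; ICMP lines have no ports and are skipped.
LINE_RE = re.compile(
    r"^\s*\d+:\s+\S+\s+(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+)\s+>\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+):"
)


def dest_ports(capture_text, src, dst):
    """Return the set of destination ports seen from src to dst in one capture."""
    ports = set()
    for line in capture_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("src") == src and m.group("dst") == dst:
            ports.add(int(m.group("dport")))
    return ports


def compare_captures(ingress_text, egress_text, src, dst):
    """A port seen on the ingress capture but never on the egress capture was dropped
    somewhere between the two interfaces (ACL, inspection, no route, etc.)."""
    entered = dest_ports(ingress_text, src, dst)
    left = dest_ports(egress_text, src, dst)
    return {"allowed": sorted(entered & left), "dropped": sorted(entered - left)}


if __name__ == "__main__":
    print(compare_captures(CAPTURE_INGRESS, CAPTURE_EGRESS, "10.1.1.10", "192.168.2.20"))
```

If the ASA applies NAT between the two interfaces, the egress capture shows the translated addresses, so pass the post-NAT source/destination when reading that side.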
Why don't you use a scanning tool, like Nmap for example, from the client IP address you want to test to the destination address?