10-29-2010 01:33 PM - edited 03-11-2019 12:02 PM
Hi,
I've ACL configured on PIX to allow any traffic to and from 192.168.154.23. I want to capture the traffic coming in and going out to the server 192.168.154.23. how do i do that on PIX?
Please advice...Thanks..
10-29-2010 01:35 PM
Hello,
It would be
access-list capture permit ip any host 192.168.154.23
access-list capture permit ip host 192.168.154.23 any
capture capin access-list capin interface inside
Links for reference
Pix 7.2 and later
http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/c1_72.html#wp2034121
Pix 6.3
http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/c.html#wp1053548
You can fit the commands to for the capture to match your scenario.
Hope it helps.
Mike
10-30-2010 06:03 PM
I've ACL configured on PIX to allow any traffic to and from 192.168.154.23. I want to capture the traffic coming in and going out to the server 192.168.154.23. how do i do that on PIX?
Hi Gavin,
The acl given below would be the acl used to capture traffic.
access-list capture permit ip any host 192.168.154.23
access-list capture permit ip host 192.168.154.23 any
The capture has to be applied both on the inside and outside interface to capture packets coming to and going out of the server.
capture capin access-list capture interface inside
capture capout access-list capture interface outside
You can view the report by giving the command
sh cap capin (This would show the packets hitting the inside interface destined to any host from the server)
sh cap capout (This would show the packets hitting the outside interface from outside destined for the server).
Hope this helps.Good luck.
Regards,
Srikanth.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide