Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1170
Views
0
Helpful
2
Replies

Create ACL on ASA that matches on SYN flag for capture statement

Go to solution
baskervi
Level 1
Level 1

‎04-13-2018 12:47 PM - edited ‎02-21-2020 07:37 AM

I'm helping out a customer who is trying to make some firewall changes based on the results of a PCI audit. They have several "permit ip network1 network2" statements, and they need to restrict these to ports. I've been doing packet captures, but there is too much data through the interfaces. I'd like to match on SYN packets to decrease the amount of information I see. I've not been able to find any information on various forums that can help me out. Is this possible? Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni

‎04-13-2018 08:57 PM

why not  get the whole capture and filter the capture using wireshark available filters?

Please remember to rate useful posts, by clicking on the stars below.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni

‎04-13-2018 08:57 PM

why not  get the whole capture and filter the capture using wireshark available filters?

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

Go to solution
baskervi
Level 1
Level 1
In response to Dennis Mink

‎04-26-2018 07:41 AM

Thanks for the response, Dennis. I'm getting about 5 hits on the access list over a 48 hour period, so very low level traffic. I'm remote, but they'll be able to spin up a machine to capture and filter the information on.  Take care.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top