Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
417
Views
0
Helpful
1
Replies

Debug in PIX

vinoth.kumar
Level 1
Level 1

‎05-26-2009 05:44 AM - edited ‎03-11-2019 08:36 AM

Hi,

Intially we used the PIX IOS 6.3 were we will use the command to debug some IP from outside and inside

example

debug packet inside src 10.180.1.1

debug packet ouside dst 80.1.X.X

but right now we upgraded the IOS to 7.2 how i can issue the same command to see the debug for the specfic ip

Labels:
0 Helpful
1 Reply 1

darkbeatzz
Level 1
Level 1

‎05-26-2009 07:42 AM

use Capture.

Its a fantastic new tool introduced in 7.0

basically you create and acl

capture the acl

sh capture

ASA Capture Feature

The administrator needs to create an access-list that defines what traffic the ASA needs to capture. After the access-list is defined, the capture command incorporates the access-list and applies it to an interface.

ciscoasa(config)#access-list inside_test permit icmp any host 192.168.1.1

ciscoasa(config)#capture inside_interface access-list inside_test interface inside

The user pings the inside interface of the ASA (ping 192.168.1.1). This output is displayed.

ciscoasa#show capture inside_interface

1: 13:04:06.284897 192.168.1.50 > 192.168.1.1: icmp: echo request

!--- The user IP address is 192.168.1.50.

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807c35e7.shtml

http://security-planet.de/2005/07/26/cisco-pix-capturing-traffic/

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card