05-06-2017 02:37 AM - edited 03-12-2019 02:19 AM
Dear Team,
I have to capture the traffic from the existing access-list.
We have 100 access-lists with line numbers.
EX:
access-list DMZ2_inbound line 18 extended permit tcp host 172.6.21.8 host 10.10.6.3 eq http
access-list DMZ2_inbound line 19 extended permit tcp host 172.9.21.6 host 10.10.3.7 eq https
access-list DMZ2_inbound line 20 extended permit tcp host 172.5.21.9 host 10.10.2.8 eq bgp
For example, here I have to capture line number 19. Please let me know how to do this.
Kindly assist me.
Thanks & Regards,
Ramesh Babu.A.
05-06-2017 02:41 PM
If you want to take captures on the interface, all you need is to set up captures accordingly; the access-list number does not matter.
Example:
capture capdmz interface dmz match tcp host 172.9.21.6 host 10.10.3.7 eq 443
This is to capture the traffic that you have at line 19.
There are more ways to capture the traffic if this is what you are looking for.
More at the below link:
https://supportforums.cisco.com/document/69281/asa-using-packet-capture-troubleshoot-asa-firewall-configuration-and-scenarios
HTH
-AJ
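The translation shown in the reply above, from an ACL entry to a capture command, as an added example that is not part of the original post. It looks up an entry by its line number and emits the matching `capture ... match` command; the capture name `capdmz` and interface `dmz` are taken from the reply, the function names are hypothetical, and only the `any`, `host IP` and `NET MASK` address forms with an optional `eq` port are handled.

```python
import re

# Named ports used in the ACL lines quoted on this page -> well-known TCP port numbers.
PORT_NAMES = {"http": "80", "https": "443", "bgp": "179"}
ACL_RE = re.compile(r"access-list\s+\S+\s+line\s+(\d+)\s+extended\s+(?:permit|deny)\s+(.+)")

# Constructed sample: the three ACL lines from the question.
SAMPLE_ACL = """\
access-list DMZ2_inbound line 18 extended permit tcp host 172.6.21.8 host 10.10.6.3 eq http
access-list DMZ2_inbound line 19 extended permit tcp host 172.9.21.6 host 10.10.3.7 eq https
access-list DMZ2_inbound line 20 extended permit tcp host 172.5.21.9 host 10.10.2.8 eq bgp
"""

def _take_addr(tokens):
    """Consume one address spec from the front of tokens: any | host IP | NET MASK."""
    head = tokens.pop(0)
    if head == "any":
        return "any"
    if head == "host":
        return "host " + tokens.pop(0)
    if re.fullmatch(r"\d+(\.\d+){3}", head):
        return head + " " + tokens.pop(0)  # network followed by its mask
    # object-group and similar forms need manual expansion before capturing
    raise ValueError(f"unsupported address form: {head!r}")

def capture_for_line(acl_text, line_no, cap_name, interface):
    """Return the capture command that matches the ACL entry numbered line_no."""
    for raw in acl_text.splitlines():
        m = ACL_RE.match(raw.strip())
        if not m or int(m.group(1)) != line_no:
            continue
        tokens = m.group(2).split()
        proto = tokens.pop(0)
        src, dst = _take_addr(tokens), _take_addr(tokens)
        cmd = f"capture {cap_name} interface {interface} match {proto} {src} {dst}"
        if tokens:  # optional destination port clause
            if len(tokens) != 2 or tokens[0] != "eq":
                raise ValueError(f"unsupported port clause: {' '.join(tokens)}")
            cmd += f" eq {PORT_NAMES.get(tokens[1], tokens[1])}"
        return cmd
    raise LookupError(f"no ACL entry with line {line_no}")

if __name__ == "__main__":
    print(capture_for_line(SAMPLE_ACL, 19, "capdmz", "dmz"))
```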