How can I fetch a packet capture from an AWS-deployed router

mabinvattothu
Level 1

How can I fetch a packet capture from an AWS-deployed router and fetch it to my PC as a pcap?

2 Accepted Solutions

balaji.bandi
Hall of Fame

Maybe TFTP / SCP?

BB

***** Rate All Helpful Responses *****


Hi,

Use EPC (embedded packet capture) with the "monitor capture" commands and export to a .pcap on the local disk (bootflash).

Most probably you have access to the device via SSH, so SCP will work for you. If for some reason you manage it only locally, you can create a guestshell inside the router and export the .pcap capture file to S3 (your EC2 machine, i.e. the router, will need an IAM role to access S3).

The above is described in this doc:

https://www.cisco.com/c/en/us/td/docs/routers/csr1000/software/aws/b_csraws/enabling_the_guest_shell.html

Basically, a guest Linux shell is created which has its own IP, and the router is the next hop for that "Linux box" (virtually in the background, which is 192.168.x.x in the doc); then this virtual interface is NAT-ed to the outside interface over which S3 is reachable (that outside interface should be in a "public subnet", which means you have a public IP for that interface via the IGW, or in a "private subnet" but with a NAT GW enabled).

If you also don't have internet access from the router (the router is in a private subnet without NAT), then you may deploy an S3 gateway endpoint (free) or an interface endpoint (costly).

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.
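
The EPC-then-SCP path from the reply above, written out as IOS XE commands. This is an added example, not part of the original posts or of Cisco's document; the capture name CAP, the interface GigabitEthernet1 and the host 10.0.1.10 are assumed placeholders, and it assumes the SSH user has privilege level 15.

```cisco
! Added example: EPC capture on IOS XE, exported to bootflash for SCP pickup.
! CAP, GigabitEthernet1 and 10.0.1.10 are constructed placeholders.

! --- privileged EXEC: define a narrow capture (one host, bounded size and time) ---
monitor capture CAP interface GigabitEthernet1 both
monitor capture CAP match ipv4 host 10.0.1.10 any
monitor capture CAP buffer size 10
monitor capture CAP limit duration 60

! --- run it, then confirm packets were collected ---
monitor capture CAP start
monitor capture CAP stop
show monitor capture CAP buffer brief

! --- write the buffer to local disk as a .pcap ---
monitor capture CAP export bootflash:CAP.pcap

! --- allow SCP only for the duration of the transfer ---
configure terminal
 ip scp server enable
end

! (copy the file from the PC now)

! --- clean up: the capture file holds packet payloads ---
configure terminal
 no ip scp server enable
end
delete /force bootflash:CAP.pcap
no monitor capture CAP
```

From the PC, `scp -O <user>@<router-address>:bootflash:CAP.pcap .` fetches the file; `-O` selects the legacy SCP protocol, which OpenSSH 9.0 and later no longer use by default.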
