cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
207
Views
0
Helpful
1
Replies
Beginner

Packet Capture on Cisco ASA

Hi All

Im looking to see what ports my devices are talking on outbound (the internet). I wanted to run a Packet capture for this

I created an object-group rfc1918

access-list CAP extended permit ip object-group rfc1918 any

capture CAPIN access-lits CAP interface inside-in

I was getting logs come through however it was giving me traffic travelling to other interfaces

so then I tried adding a rule above

access-list CAP extended deny ip object-group rfc1918 object-group rfc1918

That didnt seem to work

Now im not get any logs coe through on the capture buffer but yet it is filling

Please could someone advise

Everyone's tags (1)
1 REPLY 1
Highlighted

Hello James,

Hello James,

By applying 

access-list CAP extended deny ip object-group rfc1918 object-group rfc1918

You are denyin the same object in acl , what is there in that object rfc1918.considering the same set of ip address will be availble on this object group.

Hope it Helps..

-GI

CreatePlease to create content
Content for Community-Ad