Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
348
Views
0
Helpful
1
Replies

Packet Capture on Cisco ASA

James Simpson
Level 1
Level 1

‎11-06-2015 08:24 AM - edited ‎03-08-2019 02:36 AM

Hi All

Im looking to see what ports my devices are talking on outbound (the internet). I wanted to run a Packet capture for this

I created an object-group rfc1918

access-list CAP extended permit ip object-group rfc1918 any

capture CAPIN access-lits CAP interface inside-in

I was getting logs come through however it was giving me traffic travelling to other interfaces

so then I tried adding a rule above

access-list CAP extended deny ip object-group rfc1918 object-group rfc1918

That didnt seem to work

Now im not get any logs coe through on the capture buffer but yet it is filling

Please could someone advise

Labels:
0 Helpful
1 Reply 1

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎11-06-2015 10:10 PM

Hello James,

By applying 

access-list CAP extended deny ip object-group rfc1918 object-group rfc1918

You are denyin the same object in acl , what is there in that object rfc1918.considering the same set of ip address will be availble on this object group.

Hope it Helps..

-GI

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card