cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
830
Views
10
Helpful
10
Replies
o1ciscouser
Beginner

WebVPN - Error: Access-method is not supported for WebVPN captures

I'm trying to look at a webvpn capture on the ASA. I start the capture:

capture test type user webvpn <user> (entering a valid user name)

Then I connect to the ASA to try to see the trace with "Using a Browser to Display Capture Data" as described in the configuration guide.

https://<asa-address>/admin/capture/test/pcap

After login I get this message in the browser:

"Error: Access-method is not supported for WebVPN captures"

If I stop the capture (no capture test) before trying to connect, the error in the browser is:

"404 Not Found

The requested URL /admin/capture/test/pcap was not found  on this server. "

Any ideas greatly appreciated. Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions

After some research, I finally found it

DOC: Webvpn captures are only saved in zip format


CSCtg79320

Symptom:

WebVPN captures are only saved in zip format.

Conditions:

As per the following doc :

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/webvpn.html#wp1153077

Webvpn captures can be retrieved in pcap format using the browser, which is incorrect. The document needs to be corrected.

Workaround:

N/A

Thanks for all your time and collaboration

Portu.

In case you do not have any more questions please rate any helpful posts and mark this question as answered

View solution in original post

10 REPLIES 10

Hi,

Please check this out:

Capturing WebVPN Data

Using a Browser to Display Capture Data

Perform the following steps to capture data about a clientless SSL VPN session and view it in a browser.

Detailed Steps

Command

Purpose

Step 1

capture capture_name type webvpn user webvpn_username

Starts the capture utility for clientless SSL VPN.

capture_name is a name you assign to the capture, which is also prepended to the name of the capture files.

webvpn_user is the username to match for capture.

Step 2

(Optional)

no capture capture_name

Stops the capture utility from capturing packets after a user has logged in and began a clientless SSL VPN session.

Step 3

Open a browser and enter the following:

https://asdm_enabled_interface_of_the_security_appli ance:port/admin/capture/capture_name/pcap

Example:

https://192.0.2.1:60000/admin/capture/hr/pcap

Displays the capture named hr in a sniffer format.

Step 4

Repeat Step 2.

Are you following these steps?

Thanks in advance.

Portu.

Please rate any helpful posts

Thanks Portu.

Yes, I am following the steps. As I mentioned in my original post, if I issue the "no capture" as described in Step 2 (which is "optional?" in the documentation), I get a 404 in the browser. So when I proceed to Step 3 without stopping the capture, I get the error as described.

If you try the steps, one by one, including the optional step, does it work for you?

Thanks.

???

I follow step 1. The capture is started.

webvpn user connects and uses their session.

I try step 2, then proceed to step 3. The capture stops. The browser returns the 404 error I described

If I skip step 2, then proceed to step 3, I get the "access-method" error, no other data is returned to the browser.

I guess I will try another browser (other than IE) to see if that makes any difference.

Let me duplicate this in the lab, I will keep you posted.

Thanks.

Hi,

Please check this out:

ASA5510-C(config)# capture webvpn type webvpn user cisco

ASA5510-C(config)# no capture webvpn type webvpn user cisco

INFO: Capture file webvpn_capture.zip was created on disk0:

!

ASA5510-C(config)# show flash:

--#--  --length--  -----date/time------  path

  153  132574      Oct 29 2012 12:09:10  webvpn_capture.zip

!

Steps that I followed:

1) Established an SSL connection to the ASA via WebVPN.

2) Once connected created the capture: "capture webvpn type webvpn user cisco"

3) Browsed to the site.

4) Stoped the capture by issuing a "no capture webvpn type webvpn user cisco"

5) Once you stop the capture you will see: "INFO: Capture file webvpn_capture.zip was created on disk0:"

Let me know.

Thanks.

Portu.

Please rate any helpful posts

Portu,

Thanks for trying to duplicate this issue. The file gets created as well when I do the capture. That is not the problem. I am trying to "Use a Browser to Display Capture Data" as described in the documentation.

Here are your test steps with my comments inline:

1) Established an SSL connection to the ASA via WebVPN.

<<

2) Once connected created the capture: "capture webvpn type webvpn user cisco"

<<

3) Browsed to the site.

<<

<<< Here did you try step #3 from the documentation? I believe in THIS browser window (not the webvpn user's browser) you are supposed to see the results of the trace. Instead at this point this is where I get the "ERROR: Access-method is not supported for WebVPN captures"

Step 3

#

Open a browser and enter the following:

#

https://asdm_enabled_interface_of_the_security_appli ance:port/admin/capture/capture_name/pcap

#

Example:

#

https://192.0.2.1:60000/admin/capture/hr/pcap

#####

Displays the capture named hr in a sniffer format

4) Stoped the capture by issuing a "no capture webvpn type webvpn user cisco"

<<< Yes, this is the step #2 described as "optional" in the documentation. If I do this and then proceed to step #3 as documented, I get a "404 error."

5) Once you stop the capture you will see: "INFO: Capture file webvpn_capture.zip was created on disk0:"

<<< Yes, I also can see the zipped file in my disk0.

Thanks again for your assistance. I am interested to hear what you find out.

After some testing it may be a documentation error, since this method works for normal captures.

I have been trying different ways without sucess.

Thanks for your patience.

Portu.

Please rate any helpful posts

After some research, I finally found it

DOC: Webvpn captures are only saved in zip format


CSCtg79320

Symptom:

WebVPN captures are only saved in zip format.

Conditions:

As per the following doc :

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/webvpn.html#wp1153077

Webvpn captures can be retrieved in pcap format using the browser, which is incorrect. The document needs to be corrected.

Workaround:

N/A

Thanks for all your time and collaboration

Portu.

In case you do not have any more questions please rate any helpful posts and mark this question as answered

View solution in original post

Portu, thanks for your follow up!

Content for Community-Ad