Capture Question

Unanswered Question


<br />

<br />I have an intersting problem, my company is having timeout problems when accessing a particular web site - this site can be accessed through a standard ADSL conneciton. We have a PIX 515 OS 8.x at the front of our corporate network.

<br />

<br />My question is this:

<br />

<br />How can I capture the return http packet information on the outside interface, bearing in mind that the connection has already been established via the ACL on the inside interface.

<br />

<br />I need to try and establish if the original syn packet has recieved an syn-ack reply.

<br />

<br />Thanks

<br />

<br />Rod

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
celiocarreto Tue, 02/03/2009 - 00:55


if you know the destination ip, then create an adequate ACL and capture on outside interface.

For example: webserver -

access-list test permit ip any host

access-list test permit ip host any

capture test access-list test interface outside [trace detail]

Regards, Celio

Hi Celio,

I have got the information I require by carrying out the sh conn command, however the site I am havinf problems with is showing a saA flag - I understand that this flag indicates that the PIX is awaiting a response, does this mean that there could be an conflict with the web server IP address and one of the pix security features????




This Discussion