I'm trying to capture all traffic back and forth between an inside host and another organization's ftp server.
I have an access-list, one line:
access-list follett standard permit host 126.96.36.199
I have a capture command:
capture follett_outside access-l follett int outside
But packets are captured in only 1 direction - from my host to the foreign server. Packets returning from the server are not captured.
I know there are such packets, as I'm capturing on the workstation at the same time, and I can see them.
If the doc I've looked at explains this, I have failed to understand...
Anyone want to point me in the right direction?
Try this capture
(config)#access-l cap1 permit ip any host 188.8.131.52
(config)#access-l cap1 permit ip host 184.108.40.206 any
(config)#cap cap1 access-l cap1 in outside
then generate traffic either direction
show cap cap1 -> will show output
to remove cap1 / acl
(config)#no cap cap1
(config)#no access-l cap1
ensure cap is completely remove