08-05-2009 08:11 PM - edited 03-11-2019 09:03 AM
Hey...
I'm trying to capture all traffic back and forth between an inside host and another organization's ftp server.
I have an access-list, one line:
access-list follett standard permit host 12.172.137.116
I have a capture command:
capture follett_outside access-l follett int outside
But packets are captured in only 1 direction - from my host to the foreign server. Packets returning from the server are not captured.
I know there are such packets, as I'm capturing on the workstation at the same time, and I can see them.
If the doc I've looked at explains this, I have failed to understand...
Anyone want to point me in the right direction?
Much appreciated...
Solved! Go to Solution.
08-05-2009 11:23 PM
Try this capture
(config)#access-l cap1 permit ip any host 12.172.137.116
(config)#access-l cap1 permit ip host 12.172.137.116 any
(config)#cap cap1 access-l cap1 in outside
then generate traffic either direction
show cap cap1 -> will show output
to remove cap1 / acl
(config)#no cap cap1
(config)#no access-l cap1
ensure cap is completely remove
show cap
-regards
08-05-2009 11:23 PM
Try this capture
(config)#access-l cap1 permit ip any host 12.172.137.116
(config)#access-l cap1 permit ip host 12.172.137.116 any
(config)#cap cap1 access-l cap1 in outside
then generate traffic either direction
show cap cap1 -> will show output
to remove cap1 / acl
(config)#no cap cap1
(config)#no access-l cap1
ensure cap is completely remove
show cap
-regards
08-06-2009 10:07 AM
Thanks much Jorge - that did it.
(Surprised to learn that "capture this host" =! "capture this host to any, any to this host", but hey, it's good to learn something new every day!)
08-06-2009 10:20 AM
You are welcome.. glad to help.. thanks for rating.
-regards
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: