Solved: capturing in PIXOS

linnea.wren · ‎08-05-2009

Hey...

I'm trying to capture all traffic back and forth between an inside host and another organization's ftp server.

I have an access-list, one line:

access-list follett standard permit host 12.172.137.116

I have a capture command:

capture follett_outside access-l follett int outside

But packets are captured in only 1 direction - from my host to the foreign server. Packets returning from the server are not captured.

I know there are such packets, as I'm capturing on the workstation at the same time, and I can see them.

If the doc I've looked at explains this, I have failed to understand...

Anyone want to point me in the right direction?

Much appreciated...

JORGE RODRIGUEZ · ‎08-05-2009

Try this capture

(config)#access-l cap1 permit ip any host 12.172.137.116

(config)#access-l cap1 permit ip host 12.172.137.116 any

(config)#cap cap1 access-l cap1 in outside

then generate traffic either direction

show cap cap1 -> will show output

to remove cap1 / acl

(config)#no cap cap1

(config)#no access-l cap1

ensure cap is completely remove

show cap

-regards

Jorge Rodriguez

JORGE RODRIGUEZ · ‎08-05-2009

Try this capture

(config)#access-l cap1 permit ip any host 12.172.137.116

(config)#access-l cap1 permit ip host 12.172.137.116 any

(config)#cap cap1 access-l cap1 in outside

then generate traffic either direction

show cap cap1 -> will show output

to remove cap1 / acl

(config)#no cap cap1

(config)#no access-l cap1

ensure cap is completely remove

show cap

-regards

Jorge Rodriguez

linnea.wren · ‎08-06-2009

Thanks much Jorge - that did it.

(Surprised to learn that "capture this host" =! "capture this host to any, any to this host", but hey, it's good to learn something new every day!)

JORGE RODRIGUEZ · ‎08-06-2009

You are welcome.. glad to help.. thanks for rating.

-regards

Jorge Rodriguez