ACS 5.1 tcpdump tech dumptcp 'feature'

Answered Question
Aug 25th, 2010
User Badges:

Hi


I'm just installing ACS 5.1 for the first time and came across the tech dumptcp 'feature'.


This command seems to be almost completely useless for capturing packets at the ACS 5.1 OS!


It's not possible to specify a filter or capture the packets to disk.  The only options that exist are the ability to specify the number of packets that are dumped to the console which rather limits its usefulness, especially if you're SSHed in to ACS 5.1 in the first place.


tech dumptcp 0 count ?
  <1-10000>  Package count


Reading the command reference at http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/command/reference/cli_app_a.html#wp1039556 made me laugh.  The tech author has demonstrated the command whilst SSHed in and all they've captured to screen are, surprise surprise, the SSH packets from their console session.


So - 2 questions:


1)     Does anyone know of an alternative way within the ACS 5.1 host operating system to capture network packets whilst SSHed in?

2)     Has anyone out there already raised a request with Cisco to enhance the tech dumptcp 'feature' by adding the ability to filter packets and capture to disk?


Thanks very much.

Correct Answer by jrabinow about 6 years 8 months ago

There is an enhancement CDETS open:

CSCtd13775: ACS5 and TCPDump/Sniffer functionality

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
jrabinow Wed, 08/25/2010 - 13:01
User Badges:
  • Cisco Employee,

There is an enhancement CDETS open:

CSCtd13775: ACS5 and TCPDump/Sniffer functionality

lanstreamer Tue, 08/31/2010 - 09:57
User Badges:

Thanks very much for this answer.  I did search the bug navigator for enhancement requests to 5.1 but must have forgotten to search for any that were already open for 5.0.

Actions

This Discussion

Related Content