ACS 5.1 tcpdump tech dumptcp 'feature'

Answered Question
Aug 25th, 2010

Hi

I'm just installing ACS 5.1 for the first time and came across the tech dumptcp 'feature'.

This command seems to be almost completely useless for capturing packets at the ACS 5.1 OS!

It's not possible to specify a filter or capture the packets to disk.  The only options that exist are the ability to specify the number of packets that are dumped to the console which rather limits its usefulness, especially if you're SSHed in to ACS 5.1 in the first place.

tech dumptcp 0 count ?
  <1-10000>  Package count

Reading the command reference at http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/command/reference/cli_app_a.html#wp1039556 made me laugh.  The tech author has demonstrated the command whilst SSHed in and all they've captured to screen are, surprise surprise, the SSH packets from their console session.


So - 2 questions:

1)     Does anyone know of an alternative way within the ACS 5.1 host operating system to capture network packets whilst SSHed in?

2)     Has anyone out there already raised a request with Cisco to enhance the tech dumptcp 'feature' by adding the ability to filter packets and capture to disk?

Thanks very much.

I have this problem too.
0 votes
Correct Answer by jrabinow about 6 years 3 months ago

There is an enhancement CDETS open:

CSCtd13775: ACS5 and TCPDump/Sniffer functionality

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
lanstreamer Tue, 08/31/2010 - 09:57

Thanks very much for this answer.  I did search the bug navigator for enhancement requests to 5.1 but must have forgotten to search for any that were already open for 5.0.

Actions

This Discussion

Related Content