I need to capture all the traffic between our client's ASA 5505 and their PBX. I would like to set up a packet capture using the wizard in the ASDM if possible, but it seems like I can only capture the traffic going one direction. Is it possible to capture all traffice to and from the PBX? If so, how?
From this article set up a capture.
Document ID: 71871
ASA Capture Feature
The administrator needs to create an access-list that defines what traffic the ASA needs to capture. After the access-list is defined, the capture command incorporates the access-list and applies it to an interface.
ciscoasa(config)#access-list inside_test permit icmp any host 192.168.1.1 ciscoasa(config)#capture inside_interface access-list inside_test interface inside
The user pings the inside interface of the ASA (ping 192.168.1.1). This output is displayed.
ciscoasa#show capture inside_interface 1: 13:04:06.284897 192.168.1.50 > 192.168.1.1: icmp: echo request !--- The user IP address is 192.168.1.50.
Note: In order to download the capture file to a system such as ethereal, you can do it as this output shows.
!--- Open an Internet Explorer and browse with this https link format: https://[/]/capture//pcap