Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
402
Views
0
Helpful
1
Replies

capture command vs. debug packet command

benjamingarcia
Level 1
Level 1

‎10-06-2005 04:45 PM - edited ‎03-09-2019 12:38 PM

hi everyone,

Is there a way you can filter the src and dst Ip address on capture command? I find it very hard to troubleshoot the firewall using the capture command because it capture all the packets unlike the old debug packet command which is very specific.

It has been very helpful to be able to filter the packet based on src,dst,protocol,port,etc. and it will only appear on the screen when there is a match.

is there a way that cisco return the old debug packet command on their next maintenance update for v7.0(2).

Cheers,

Benj

Labels:
0 Helpful
1 Reply 1

Patrick Iseli
Level 7
Level 7

‎10-06-2005 05:13 PM

You just have to create an access-list with the source and destination IP and the protocol that you want to troubleshoot. As it is the case for TCPDUMP or Ethereal.

See examples in Command Reference Guide:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a008045277a.html#wp1825593

This example shows that the traffic is captured from an outside host at 171.71.69.234 to an inside HTTP server:

hostname(config)# access-list http permit tcp host 10.120.56.15 eq http host 171.71.69.234

hostname(config)# access-list http permit tcp host 171.71.69.234 host 10.120.56.15 eq http

hostname(config)# capture http access-list http packet-length 74 interface inside

sincerely

Patrick

0 Helpful
Customers Also Viewed These Support Documents