TAC Security Podcast Episode #1 - Using the ASA Packet Capture Utility for Troubleshooting

Document

Aug 17, 2010 8:14 AM
Aug 17th, 2010

Episode Information

Episode Name: Episode 1 - Using the ASA Packet Capture Utility for Troubleshooting

Contributors: Jay Johnston, Blayne Dreier, David White Jr., Magnus Mortensen

Posting Date: May 29th, 2009

Description: In this episode, Cisco TAC engineers discuss the new RSS feed for customer issues currently being seen in the TAC. Learn how to resolve connectivity issues using the packet capture utility built in to the Cisco Adaptive Security Appliance (ASA), PIX Firewall, and Firewall Services Module (FWSM)platforms.

Listen Now    (MP3 53.8 MB; 39:12 mins)

Subscribe to the Podcast in iTunes by pasting the following link into your browser (which should launch iTunes) where you can subscribe to the podcast.

   itpc://www.cisco.com/cdc_content_elements/rss/security_podcast/security_tac_pcast.xml

Alternatively, you can search within iTunes for Cisco TAC Security Podcast, and subscribe there.  By subscribing, you will automatically receive future episodes when they are posted.


For users who would like an alternative method for subscribing, you can add the following URL into your favorite RSS reader, and subscribe to that feed.

   http://www.cisco.com/cdc_content_elements/rss/security_podcast/security_tac_pcast.xml

Episode Show Notes

The following example shows the use of the 'match' argument with packet captures:

ciscoasa# capture in interface inside buffer 2000000

ciscoasa# capture in match ip any host 192.85.1.3

ciscoasa#

ciscoasa# capture out interface outside buffer 2000000

ciscoasa# capture out match ip any host

ciscoasa#

ciscoasa# show capture capture in type raw-data buffer 2000000

interface inside buffer 2000000 interface inside [Capturing - 586 bytes]


match ip any host 192.85.1.3


capture out type raw-data buffer 2000000 interface GAT_outside [Capturing - 922 bytes]


match ip any host 192.85.1.3


ciscoasa#

ciscoasa# show cap in

ciscoasa# show cap in


6 packets captured


1: 12:04:06.482625 192.85.1.3 > 192.85.1.2: icmp: echo request

2: 12:04:06.482915 192.85.1.2 > 192.85.1.3: icmp: echo reply

3: 12:04:07.478216 192.85.1.3 > 192.85.1.2: icmp: echo request

4: 12:04:07.478307 192.85.1.2 > 192.85.1.3: icmp: echo reply

5: 12:04:08.478139 192.85.1.3 > 192.85.1.2: icmp: echo request

6: 12:04:08.478231 192.85.1.2 > 192.85.1.3: icmp: echo reply

ciscoasa#

About the Cisco TAC Security Podcast

The Cisco TAC Security Podcast Series is created by Cisco TAC engineers. Each episode provides an in-depth technical discussion of Cisco product security features, with emphasis on troubleshooting.

Complete episode listing and show information


Average Rating: 0 (0 ratings)

Actions

Login or Register to take actions

This Document

Posted August 17, 2010 at 8:14 AM
Stats:
Comments:0 Avg. Rating:0
Views:3575 Contributors:0
Shares:0

Related Content

Documents Leaderboard