Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Capturing Live traffic on PIX

How to see the live traffic on the PIX interfaces.whether we have to use tcpdump command as we

use in Checkpoint or there are other command also to view live traffic.

8 REPLIES

Re: Capturing Live traffic on PIX

Here's a good reference-

http://www.computernetworkinghelp.com/content/view/40/1/

Hope that helps.

New Member

Re: Capturing Live traffic on PIX

Thanks a Lot

Silver

Re: Capturing Live traffic on PIX

Pix "capture" does not show live traffics like

Checkpoint tcpdump or fw monitor. you have

to use "show capture xxx" to view traffics.

By the time you see it, it is not live anymore.

tcpdump and "fw monitor" show you actual

live traffics on the interface.

Re: Capturing Live traffic on PIX

A PIX doesn't have tcpdump nor fw monitor. This is a PIX not a Checkpoint.

Silver

Re: Capturing Live traffic on PIX

The original poster asked "How to see the live traffic on the PIX interfaces."

capture does not have the ability to let users

look at live traffics. That's my point.

Re: Capturing Live traffic on PIX

hello sukh,

connect the pix inside interface through a switch, and do port mirroring on the switch to capture all traffic flowing through that pix.. use the SPAN feature of the switch to mirror the port.. as others said, there are no inbuilt command or feature in PIX, to do this functionality...

Hope this helps.. all the best..

Raj

New Member

Re: Capturing Live traffic on PIX

A couple of things I do with either PIX or ASA to watch live traffic:

1-Syslog, just be sure to have a syslog server (easier to sift through) and log to informational level.

2-Can look at output from show conn (not as helpful but you can grep or | inc for specific ip's. This is more of a sanity type of check.

New Member

Re: Capturing Live traffic on PIX

What version of code are you running? The ASDM is useful unless you are wanting to see more than just syslog type of traffic.

811
Views
0
Helpful
8
Replies