Friday 6 January 2017

Setting up packet captures on the Cisco ASA

cap capin interface inside match ip host 192.168.1.50 host 200.100.100.100 circular-buffer

This captures traffic between the two hosts in both directions.
circular-buffer means the capture overwrites the oldest data when the buffer is full.
Without it, the buffer fills up and the capture stops.
Use clear cap capin to clear out the captured data.

This captures all drops, of any type:
capture asp-drop type asp-drop all
sh cap asp-drop

You can also look at sh asp drop to see whether the drop counters are increasing.
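One way to spot increasing counters is to save the sh asp drop output twice and compare the two snapshots. This is an added example, not from the original post; the sample output is constructed, and its layout (description, reason name in parentheses, counter) is an assumption.

```python
import re

# Constructed sample output of "sh asp drop", taken at two points in time.
# Assumed layout: description, reason name in parentheses, then the counter.
BEFORE = """\
Frame drop:
  Flow is denied by configured rule (acl-drop)                      120
  First TCP packet not SYN (tcp-not-syn)                             14
  TCP failed 3 way handshake (tcp-3whs-failed)                        3

Last clearing: Never

Flow drop:
  Inspection failure (inspect-fail)                                   2
"""
AFTER = """\
Frame drop:
  Flow is denied by configured rule (acl-drop)                      187
  First TCP packet not SYN (tcp-not-syn)                             14
  TCP failed 3 way handshake (tcp-3whs-failed)                        3
  Slowpath security checks failed (sp-security-failed)                9

Last clearing: Never

Flow drop:
  Inspection failure (inspect-fail)                                   2
"""

COUNTER = re.compile(r"^\s+.*\((?P<reason>[\w-]+)\)\s+(?P<count>\d+)\s*$")

def parse_asp_drop(text):
    """Return {(section, reason): count} for every counter line."""
    counters, section = {}, None
    for line in text.splitlines():
        if line.endswith("drop:"):  # "Frame drop:" / "Flow drop:" headers
            section = line.rstrip(":").strip()
            continue
        m = COUNTER.match(line)
        if m:
            counters[(section, m["reason"])] = int(m["count"])
    return counters

def increasing(before, after):
    """Counters that grew between the snapshots, largest delta first."""
    old, new = parse_asp_drop(before), parse_asp_drop(after)
    deltas = {k: v - old.get(k, 0) for k, v in new.items() if v > old.get(k, 0)}
    return sorted(deltas.items(), key=lambda kv: -kv[1])

if __name__ == "__main__":
    for (section, reason), delta in increasing(BEFORE, AFTER):
        print(f"{section:12} {reason:22} +{delta}")
```

A reason that only appears in the second snapshot is counted from zero, so newly triggered drop types show up as well.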

The capture file can be saved and copied off the ASA:

https://100.100.100.200/capture/my-cap-name/pcap

To save the capture file:
copy /pcap capture: disk0:

Copy the file off with CLI or ASDM file transfer.

There is also a way to connect ASDM directly to Wireshark.
