Asa

From S23Wiki
Revision as of 08:09, 1 July 2014 by DrOwl

Some notes on working with Cisco ASAs

Commands on an ASA running 8.3 and above

Capture packets (like Linux tcpdump / Solaris snoop)

Start a Capture

# capture [name] interface [interface name] match [protocol (ip/icmp/tcp/udp)] [source (host x.x.x.x | any)] [dest (host x.x.x.x | any)]

Stop the capture but keep the data

# no capture [name] interface [interface name]


List captures

# show capture [name]

Delete the capture

# no capture [name]


Example

# capture SH interface extern match ip host 10.10.10.10 any
# show capt
capture SH type raw-data [Capturing - 14486 bytes] 
  match ip host 10.10.10.10 any 
# show capture SH

71 packets captured

   1: 16:47:19.884750       10.10.10.3.64216 > 10.10.10.10.53:  udp 42 
   2: 16:47:19.885086       10.10.10.10.53 > 10.10.10.3.64216:  udp 238 
...
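
An added example (not part of the original notes): a small Python parser for the text output of show capture, in the format shown in the example above, that counts packets per flow direction. It assumes IPv4 endpoints written as address.port, as in that output; the function names are this example's own and SAMPLE is the excerpt above.

```python
import re
from collections import Counter

# Sample input: the `show capture SH` excerpt from the example above.
SAMPLE = """\
71 packets captured

   1: 16:47:19.884750       10.10.10.3.64216 > 10.10.10.10.53:  udp 42
   2: 16:47:19.885086       10.10.10.10.53 > 10.10.10.3.64216:  udp 238
...
"""

# Packet line: "<n>: <hh:mm:ss.us> <src> > <dst>: <decode>"
LINE = re.compile(
    r"^\s*(?P<num>\d+):\s+(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"(?P<src>\S+)\s+>\s+(?P<dst>\S+?):\s+(?P<info>.*\S)\s*$"
)
# Assumption: IPv4 only; the port is a fifth dotted field and may be absent.
ENDPOINT = re.compile(r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?:\.(?P<port>\d+))?$")


def split_endpoint(text):
    """Split 'a.b.c.d.port' into (ip, port); port is None when not present."""
    m = ENDPOINT.match(text)
    if not m:
        raise ValueError(f"unrecognised endpoint: {text!r}")
    return m["ip"], int(m["port"]) if m["port"] else None


def parse_capture(text):
    """Return one dict per packet line; banner and '...' lines are skipped."""
    packets = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        src, sport = split_endpoint(m["src"])
        dst, dport = split_endpoint(m["dst"])
        packets.append({"num": int(m["num"]), "ts": m["ts"], "src": src,
                        "sport": sport, "dst": dst, "dport": dport,
                        "info": m["info"]})
    return packets


def flows(packets):
    """Count packets per (src, sport, dst, dport) direction."""
    return Counter((p["src"], p["sport"], p["dst"], p["dport"]) for p in packets)
```

Paste the full show capture output into parse_capture() to see which directions of a conversation actually reached the interface; a flow with requests but no replies is the usual reason to move on to packet-tracer.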



Packet tracer

# packet-tracer input [interface name] [protocol (icmp/tcp/udp)] [source host (x.x.x.x)] [source port] [dest host (x.x.x.x)] [dest port] (detailed)


Example

# packet-tracer input external tcp 10.10.10.3 64216 10.10.10.10 53 detailed