Difference between revisions of "Asa"

From S23Wiki
Line 11: Line 11:
  
 
=== Start a Capture ===
 
=== Start a Capture ===
# capture [name] interface [interface name] match [protical (ip/icmp/tcp/udp)] host [source host (x.x.x.x/any)] [Dest host (x.x.x.x/any)]
+
\# capture [name] interface [interface name] match [protical (ip/icmp/tcp/udp)] host [source host (x.x.x.x/any)] [Dest host (x.x.x.x/any)]
  
 
=== Stop the capture but keep the data ===
 
=== Stop the capture but keep the data ===
# no capture [name] interface [interface name]
+
\# no capture [name] interface [interface name]
  
  
 
=== List Caputres ===
 
=== List Caputres ===
# show capture [name]  
+
\# show capture [name]  
  
 
=== Delete the capture ===
 
=== Delete the capture ===
# no capture [name]
+
\# no capture [name]
  
  
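Review bot: the backslash added in front of "#" on the capture command lines ("\# capture ...", "\# no capture ...", "\# show capture ...") is not an escape character in MediaWiki markup, so the page now prints a literal "\#" before each command. Wrapping the prompt as <nowiki>#</nowiki>, or indenting each command with a leading space so it renders preformatted, would show a bare "#" without starting a numbered list. While these lines are being touched, "protical" and the heading "List Caputres" could be corrected to "protocol" and "List Captures".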
Line 43: Line 43:
  
  
== packet tracer ===
+
== packet tracer ==
  
 
# packet-tracer input [interface name] [protical (icmp/tcp/udp)] [source host (x.x.x.x)] [source port] [dest host (x.x.x.x)] [desk port] (detailed)
 
# packet-tracer input [interface name] [protical (icmp/tcp/udp)] [source host (x.x.x.x)] [source port] [dest host (x.x.x.x)] [desk port] (detailed)
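Review bot: the "# packet-tracer input ..." line under the corrected heading is left unchanged, so its leading "#" still renders as a numbered list item ("1. packet-tracer ...") rather than a command prompt. It needs the same treatment as the capture commands in the earlier hunk. The same line also carries "protical" and "desk port", which should read "protocol" and "dest port".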

Revision as of 09:09, 1 July 2014

Some notes on working with Cisco ASAs

Commands on an ASA 8.3 and above

Capture packets (like Linux tcpdump / Solaris snoop)

Start a Capture

# capture [name] interface [interface name] match [protocol (ip/icmp/tcp/udp)] host [source host (x.x.x.x/any)] [dest host (x.x.x.x/any)]

Stop the capture but keep the data

# no capture [name] interface [interface name]


List Captures

# show capture [name]

Delete the capture

# no capture [name]


Example

# capture SH interface extern match ip host 10.10.10.10 any
# show capt
capture SH type raw-data [Capturing - 14486 bytes] 
  match ip host 10.10.10.10 any 
# show capture SH

71 packets captured

   1: 16:47:19.884750       10.10.10.3.64216 > 10.10.10.10.53:  udp 42 
   2: 16:47:19.885086       10.10.10.10.53 > 10.10.10.3.64216:  udp 238 
...
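
An added example (not part of the original wiki page): a small Python parser for the "show capture" listing shown above, which totals packets per flow and exposes the declared packet count so a truncated paste can be spotted. The function names are hypothetical, and only the "udp <n>" line form seen on this page is decoded; lines in other formats are skipped.

```python
import re
from collections import Counter

# Constructed sample: the `show capture SH` output from the example above.
SAMPLE = """\
71 packets captured

   1: 16:47:19.884750       10.10.10.3.64216 > 10.10.10.10.53:  udp 42
   2: 16:47:19.885086       10.10.10.10.53 > 10.10.10.3.64216:  udp 238
...
"""

COUNT_RE = re.compile(r"^\s*(\d+) packets? captured")
PACKET_RE = re.compile(
    r"^\s*(?P<num>\d+):\s+(?P<time>\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+)\s+>\s+"
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):\s+(?P<info>.*?)\s*$"
)

def parse_capture(text):
    """Return (declared_count, packets) parsed from `show capture` text."""
    declared, packets = None, []
    for line in text.splitlines():
        m = COUNT_RE.match(line)
        if m:
            declared = int(m.group(1))
            continue
        m = PACKET_RE.match(line)
        if not m:
            continue  # prompts, blank lines, "..." and unrecognised formats
        pkt = m.groupdict()
        for key in ("num", "sport", "dport"):
            pkt[key] = int(pkt[key])
        # Only the "udp <n>" form shown on the page is decoded further.
        udp = re.fullmatch(r"udp (\d+)", pkt["info"])
        pkt["udp_len"] = int(udp.group(1)) if udp else None
        packets.append(pkt)
    return declared, packets

def summarize(packets):
    """Per directional flow: packet count and sum of printed UDP lengths."""
    count, size = Counter(), Counter()
    for p in packets:
        flow = (p["src"], p["sport"], p["dst"], p["dport"])
        count[flow] += 1
        size[flow] += p["udp_len"] or 0
    return count, size

if __name__ == "__main__":
    declared, pkts = parse_capture(SAMPLE)
    print(f"declared={declared} parsed={len(pkts)}")  # mismatch: listing cut
    for flow, n in summarize(pkts)[0].items():
        print(flow, n)
```
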



packet tracer

# packet-tracer input [interface name] [protocol (icmp/tcp/udp)] [source host (x.x.x.x)] [source port] [dest host (x.x.x.x)] [dest port] (detailed)


Example

# packet-tracer input external tcp 10.10.10.3 64216 10.10.10.10 53 detailed