Saturday 30 July 2016

Capture traffic from Cisco ASA command line


ASA#capture <capname> interface <interface> match ip Source Destination

ASA#capture captureinside interface inside match ip host host

View the capture file with following command

ASA#show capture <capname>

If you want the same to be opened in wireshark or require it as a file

https://<ip address of asa>/capture/<capname>/pcap from the browser, it will be downloaded to the local machine