On this page
Capturing connections on an interface
Introduction
Capturing (or dumping) means to capture network packets. In this article, we’ll look at how to capture TCP packets that pass through our Cisco device, particularly through a specific interface. Here’s how to proceed.
Creating the access list
First, create an access list called dumptcp to allow connections from a host to any of our interfaces. You can specify a particular one if you wish:
|
|
Then we do the reverse so that the Cisco can respond:
|
|
Creating the Dump
Now that we have the ability to see the traffic, we need to create the dump rule that we’ll call dump104, and that we’ll use on the inside interface:
|
|
Now, we verify that our dump is correctly configured:
|
|
Now that everything is set up, we can view the capture:
|
|
Last updated 23 May 2007, 15:45 CEST.