ASA Packet Captures (CLI)

The ASA packet capture is a handy tool to use when troubleshooting connectivity through a firewall. Starting Captures To start a capture on the CLI of an ASA firewall the syntax is: capture <name_of_capture> type raw-data interface <ingress_interface> buffer <size_of_buffer> match <tcp|udp|ip> <source> <destination> eq <port_number> Where the source and destination can be any, host or a network range….

Wireshark Filters

Examples of Wireshark display filters: To show only FTP (port 21) use the following tcp.port eq 21 To show SMTP (port 25) and FTP (port 21) use the following tcp.port eq 25 or 21 To show traffic to or from a particular IP address or address range use the following ip.src== and ip.dst== When using…