Wednesday, December 17, 2014

Cisco ASA: How To View Your Captured Packets In Wireshark From The ASA

Some people just like GUIs.  That is fine.  I can understand that, I guess.  So what can you do when you want to see packet captures on the ASA in Wireshark instead of CLI?  Well, two things.  First, make sure "http server enable" and "http X.X.X.X X.X.X.X inside" is configured.  Then, take your packet capture.  (Click on this link on how to enable a packet capture in CLI.)  Once you have your packet capture going and you have the traffic you want to see, then do the following in your web browser:  <-- where 'capin' is the name of the capture I am taking

Rename the file and save it to what you want to save it as.  Then open it up in Wireshark.  You have the .pcap file that you want to see in Wireshark now.

No comments:

Post a Comment

Your comment will be reviewed for approval. Thank you for submitting your comments.