====== Cisco ASA Packet Capture ======

**General Information**

It is very useful to captures packets directly on an ASA Firewall for troubleshooting purposes.

**Checklist**
  * ASA Firewall
  * Actual traffic to capture

----

===== The Example =====

In this example, we are interested in traffic between two hosts; 192.168.1.134 and 192.168.5.56.
You could also narrow it down to ports, but risk missing traffic.

1) Create the ACL to narrow down interesting traffic:
<code>
asa(config)#
access-list acl-capin extended permit ip host 192.168.1.134 host 192.168.5.56
access-list acl-capin extended permit ip host 192.168.5.56 host 192.168.1.134
</code>

2) Create and start packet capture using the ACL created above for filtering.

capture <capture-name> interface <interface-name> access-list <access-list-name>
<code>
capture capin interface Inside access-list acl-capin
</code>

3) View names of all captures that are created
<code>
show capture
</code>

4) View content of specific capture
<code>
show capture capin
</code>

5) Clear capture content
<code>
clear capture capin
</code>

6) Delete capture
<code>
no capture capin
</code>

Don't forget to remove the now unused ACL.