Capturing Traffic
Cisco has provided an accomplished apparatus for capturing and allegory arrangement traffic
with the addition of PIX software adaptation 6.2.When the abduction command is
used, the PIX can act as a packet adenoids on the ambition interface, capturing packets
for after analysis.This command captures both entering and outbound traffic.
Capturing packets that alteration an interface is actual advantageous for troubleshooting,
because it enables you to actuate absolutely what cartage is actuality passed.When
you’re troubleshooting connectivity issues, it is generally advantageous to abduction packets
from the admission and approachable interfaces.You can assay the captured packets
www.syngress.com
598 Chapter 10 • Troubleshooting and Performance Monitoring
to actuate if there any problems with your configuration, such as IP address
disagreement, or problems with IKE or IPsec, such as altered or expect
parameters that are not actuality passed. Before this feature, the alone recourse an
engineer had was to install a packet abduction device.The packet abduction feature
was alien in PIX firewall adaptation 6.2 and is alone accessible for Ethernet
interfaces.The syntax of the command is as follows.
capture
The aboriginal parameter, capture-name, defines a name for this accurate capture
session. All added ambit are optional.The access-list constant specifies an