Tuesday, June 5, 2012

How to Download Packet Captures as a PCAP File to Use in Wireshark on a Cisco ASA

If you need to download your packet captures on a Cisco ASA/PIX so you can import them into Wireshark it is a very simple process.

I assume the following is true:
1. You have http (ASDM) access to the firewall
2. You already have a capture with captured packets: (See here how to create a capture)
If you want to just see the capture in the browser first to make sure there are packets you can do the following:

Command Format:
https://FW_IP/admin/capture/CAP_NAME
Example: 
https://10.55.55.55/admin/capture/jcap

Once you know you have data in your capture you can download the pcap by doing the following:

Command Format:
https://FW_IP/admin/capture/CAP_NAME/pcap
Example:
https://10.55.55.55/admin/capture/jcap/pcap














Posted by



at












































3 comments:








  1. MatiasDecember 11, 2017 at 7:18 AM
    It was a decent post to be sure. I completely delighted in understanding it in my lunch time. Will definitely come and visit this blog all the more frequently. Much obliged for sharing. Getinto Pc
    ReplyDelete
  2. Shankar MuraliJanuary 22, 2018 at 2:48 AM
    Superb. Thank you so much. :)
    ReplyDelete
  3. jagrutiMay 30, 2018 at 6:43 AM
    Nice Post.Thanks for sharing It.
    filehippy
    ReplyDelete


































        

      









Subscribe to:
Post Comments (Atom)