Category:Cisco Systems -> Security
Deep packet inspection function is available on Cisco ASA and PIX firewalls.
There are three easy steps to configure it:
- Create an access list for interesting traffic
- Create named traffic capture instance, reference the access list and interface to apply
- Show contents of the traffic capture instance
Configuration:
access-list CAP-ACL extended permit ip host 10.120.130.45 any
capture CAP access-list CAP-ACL interface inside
sh capture CAP
// <output omitted>
clear capture CAP // to clear the list
no capture CAP // to delete the traffic capture instance
By privilege15