ssh 192.168.0.0 255.255.255.0 inside_interface_name
Tuesday, May 15, 2012
How to enable ssh in ASA from inside accesss
AAA authentication ssh console LOCAL
ssh 192.168.0.0 255.255.255.0 inside_interface_name
ssh 192.168.0.0 255.255.255.0 inside_interface_name
How to check outbound traffic high in ASA?
1- Capture the dropped packets on the ASA side using the following commands:
cap capdrop type asp-drop all // after issuing this command, wait for some time after that issue the following command
show cap capdrop // please collect the output of this command and send it to me
2- Please do a spanning for the port connecting the ASA on the switch to another port and connect a PC and collect wireshark captures, if you have Cisco switch, you can use the following commands to span the port:
(config)#monitor session 1 source interfaceboth
(config)#monitor session 1 dest interface
Please perform step one when you plug in all the cable. For step 2, you may skip if you are not able to capture with Wireshark.
cap capdrop type asp-drop all // after issuing this command, wait for some time after that issue the following command
show cap capdrop // please collect the output of this command and send it to me
2- Please do a spanning for the port connecting the ASA on the switch to another port and connect a PC and collect wireshark captures, if you have Cisco switch, you can use the following commands to span the port:
(config)#monitor session 1 source interface
(config)#monitor session 1 dest interface
Please perform step one when you plug in all the cable. For step 2, you may skip if you are not able to capture with Wireshark.
Subscribe to:
Posts (Atom)