PIX - How to view packet captures within Wireshark
Below provides the nessecary steps required to create an a packet capture on an ASA/PIX, and the relevant download method.
- You will requre pscp (putty pscp) installed onto your PC. Download pscp here.
- This is only available in the later versions of PIX & ASA.
First of all start the capture.
capture capturefile type raw-data interface [interface name]
Next enable scp and copy the capture into Flash.
ssh scopy enable
copy /pcap capture:capturefile flash:capturefile.cap
On your PC run the following syntax via 'Start | Run | CMD' to download the capture to your PC.
pscp -scp [user]@][PIX IP]:capturefile.cap capturefile.cap