Cisco Cisco ASA 5540 Adaptive Security Appliance 기술 매뉴얼
Use the debug menu webvpn 67 0 command in order to disable capture.
In this example, the WebVPN capture tool is enabled to capture HTTP traffic for user2 visiting Web site
wwwin.abcd.com/hr/people:
wwwin.abcd.com/hr/people:
hostname#debug menu webvpn 67 1 user2 /http/0/wwwin.abcd.com/hr/people
Mangle Logging: ON
Name: "user2"
URL: "/http/0/wwwin.abcd.com/hr/people"
hostname#
In this example, the WebVPN capture tool is disabled:
hostname#debug menu webvpn 67 0
Mangle Logging: OFF
Name: "user2"
URL: "/http/0/wwwin.abcd.com/hr/people"
hostname#
Locate and Upload the WebVPN Capture Tool Output Files
Use the dir command in order to locate the WebVPN capture tool output files. This example shows the output
of the dir command and includes the ORIGINAL.000 and MANGLED.000 files that were generated:
of the dir command and includes the ORIGINAL.000 and MANGLED.000 files that were generated:
hostname#dir
Directory of disk0:/
2952 −rw− 10931 10:38:32 Jan 19 2005 config
6 −rw− 5124096 19:43:32 Jan 01 2003 cdisk.bin
3397 −rw− 5157 08:30:56 Feb 14 2005 ORIGINAL.000
3398 −rw− 6396 08:30:56 Feb 14 2005 MANGLED.000
hostname#
You can upload the WebVPN capture tool output files to another computer using the copy flash command. In
this example, the ORIGINAL.000 and MANGLED.000 files are uploaded:
this example, the ORIGINAL.000 and MANGLED.000 files are uploaded:
hostname#copy flash:/original.000 tftp://10/86.194.191/original.000
Source filename [original.000]?
Address or name of remote host [10.86.194.191]?
Destination filename [original.000]?
!!!!!!
21601 bytes copied in 0.370 secs
hostname#copy flash:/mangled.000 tftp://10/86.194.191/mangled.000
Source filename [mangled.000]?
Address or name of remote host [10.86.194.191]?
Destination filename [mangled.000]?
!!!!!!
23526 bytes copied in 0.380 secs
hostname#
Note: In order to avoid possible file system corruption, do not allow the original.<nnn> and mangled.<nnn>
files from previous captures to be overwritten. When you disable the capture tool, delete the old files in order
to prevent corruption of the file system.
files from previous captures to be overwritten. When you disable the capture tool, delete the old files in order
to prevent corruption of the file system.
Verify
There is currently no verification procedure available for this configuration.