• Aucun résultat trouvé

Table of Contents

N/A
N/A
Info
Télécharger
Protected

Academic year: 2022

Partager "Table of Contents"

Copied!
5
0
0

Chargement.... (Voir le texte intégral maintenant)

Texte intégral

(1)

Table of Contents

WebVPN Capture Tool on the Cisco ASA 5500 Series Adaptive Security Appliance...1

Document ID: 65096...1

Introduction...1

Prerequisites...1

Requirements...1

Components Used...1

Conventions...2

Configure...2

WebVPN Capture Tool Output Files...2

Activating the WebVPN Capture Tool...2

Locating and Uploading the WebVPN Capture Tool Output Files...3

Verify...4

Troubleshoot...4

NetPro Discussion Forums − Featured Conversations...4

Related Information...4 Cisco − WebVPN Capture Tool on the Cisco ASA 5500 Series Adaptive Security Appliance

(2)

WebVPN Capture Tool on the Cisco ASA 5500 Series Adaptive Security Appliance

Document ID: 65096

Introduction Prerequisites Requirements Components Used Conventions Configure

WebVPN Capture Tool Output Files Activating the WebVPN Capture Tool

Locating and Uploading the WebVPN Capture Tool Output Files Verify

Troubleshoot

NetPro Discussion Forums − Featured Conversations Related Information

Introduction

The Cisco ASA 5500 Series Adaptive Security Appliance includes a WebVPN capture tool that lets you log information about Web sites that do not display properly over a WebVPN connection. You can enable the capture tool from the Command Line Interface (CLI) of the security appliance. The data this tool records can help your Cisco customer support representative troubleshoot problems.

Note: Enabling the WebVPN capture tool has an impact on the performance of the security appliance. Be sure to disable the capture tool after you have generated the output files.

Prerequisites

Requirements

Before attempting this configuration, ensure that you meet these requirements:

using the Command Line Interface (CLI) to configure the Cisco ASA 5500 Series Adaptive Security Appliance.

Components Used

The information in this document is based on these software and hardware versions:

Cisco ASA 5500 Series Adaptive Security Appliance running version 7.0

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

(3)

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

Configure

In this section, you are presented with the information to configure the features described in this document.

Note: To find additional information on the commands used in this document, use the Command Lookup Tool ( registered customers only) .

WebVPN Capture Tool Output Files

When the WebVPN capture tool is enabled, the capture tool stores the data from the first URL visited in the following files:

original.000Contains the data exchanged between the security appliance and the Web Server.

mangled.000Contains the data exchanged between the security appliance and the Browser.

For each subsequent capture, the capture tool generates additional matching original.<nnn> and

mangled.<nnn> files and increments the file extensions. In this example, the output of the dir command displays three sets of files from three URL captures:

hostname# dir

Directory of disk0:/

2952 −rw− 10931 10:38:32 Jan 19 2005 config 6 −rw− 5124096 19:43:32 Jan 01 2003 cdisk.bin 3397 −rw− 5157 08:30:56 Feb 14 2005 ORIGINAL.000 3398 −rw− 6396 08:30:56 Feb 14 2005 MANGLED.000 3399 −rw− 4928 08:32:51 Feb 14 2005 ORIGINAL.001 3400 −rw− 6167 08:32:51 Feb 14 2005 MANGLED.001 3401 −rw− 5264 08:35:23 Feb 14 2005 ORIGINAL.002 3402 −rw− 6503 08:35:23 Feb 14 2005 MANGLED.002 hostname#

Activating the WebVPN Capture Tool

Note: The Flash File System has limitations when multiple files are opened for writing. The WebVPN capture tool can possibly cause file system corruption when multiple capture files are being updated concurrently. If this failure should occur with the capture tool, contact the Cisco Technical Assistance Center (TAC).

To activate the WebVPN capture tool, use the debug menu webvpn 67 command from privileged EXEC mode:

debug menu webvpn 67 <cmd> <user> <url>

Where:

cmd is 0 or 1. 0 disables capture. 1 enables capture.

user is the username to match for data capture.

url is the URL prefix to match for data capture. Use one of these URL formats:

Use /http to capture all data.

(4)

Use /http/0/<server/path> to capture HTTP traffic to the server identified by <server/path>.

Use /https/0/<server/path> to capture HTTPS traffic to the server identified by <server/path>.

To disable capture, use the debug menu webvpn 67 0 command.

In this example, the WebVPN capture tool is enabled to capture HTTP traffic for user2 visiting Web site wwwin.abcd.com/hr/people:

hostname# debug menu webvpn 67 1 user2 /http/0/wwwin.abcd.com/hr/people Mangle Logging: ON

Name: "user2"

URL: "/http/0/wwwin.abcd.com/hr/people"

hostname#

In this example, the WebVPN capture tool is disabled:

hostname# debug menu webvpn 67 0 Mangle Logging: OFF

Name: "user2"

URL: "/http/0/wwwin.abcd.com/hr/people"

hostname#

Locating and Uploading the WebVPN Capture Tool Output Files

To locate the WebVPN capture tool output files, use the dir command. This example shows the output of the dir command, including the ORIGINAL.000 and MANGLED.000 files that were generated:

hostname# dir

Directory of disk0:/

2952 −rw− 10931 10:38:32 Jan 19 2005 config 6 −rw− 5124096 19:43:32 Jan 01 2003 cdisk.bin 3397 −rw− 5157 08:30:56 Feb 14 2005 ORIGINAL.000 3398 −rw− 6396 08:30:56 Feb 14 2005 MANGLED.000 hostname#

You can upload the WebVPN capture tool output files to another computer using the copy flash command. In this example, the ORIGINAL.000 and MANGLED.000 files are uploaded:

hostname# copy flash:/original.000 tftp://10/86.194.191/original.000 Source filename [original.000]?

Address or name of remote host [10.86.194.191]?

Destination filename [original.000]?

!!!!!!

21601 bytes copied in 0.370 secs

hostname# copy flash:/mangled.000 tftp://10/86.194.191/mangled.000 Source filename [mangled.000]?

Address or name of remote host [10.86.194.191]?

Destination filename [mangled.000]?

!!!!!!

23526 bytes copied in 0.380 secs hostname#

Note: To avoid possibly corrupting the file system, do not allow the original.<nnn> and mangled.<nnn> files from previous captures to be overwritten. When you disable the capture tool, delete the old files to prevent corrupting the file system.

(5)

Verify

There is currently no verification procedure available for this configuration.

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

NetPro Discussion Forums − Featured Conversations

Networking Professionals Connection is a forum for networking professionals to share questions, suggestions, and information about networking solutions, products, and technologies. The featured links are some of the most recent conversations available in this technology.

NetPro Discussion Forums − Featured Conversations for Security Security: Intrusion Detection [Systems]

Security: AAA Security: General Security: Firewalling

Related Information

Cisco ASA 5500 Series Adaptive Security Appliance Configuration Guides

Technical Support & Documentation − Cisco Systems

All contents are Copyright © 1992−2005 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.

Updated: Jun 21, 2005 Document ID: 65096

Références

Télécharger maintenant ( PDF - 5 Page - 15.67 KB )

Documents relatifs

Table of Contents

Related Information...27 Cisco − PIX Security Appliance (Version 7.x) or ASA 5500 with Three Internal Networks Configuration Example.3. PIX Security Appliance (Version 7.x) or ASA

Cisco Security Appliance Command Reference

Chapter 3 acl-netmask-convert through auto-update timeout Commands authentication (tunnel-group webvpn configuration mode). hostname(config)# tunnel-group test

Cisco Security Appliance Logging Configuration and System Log Messages

Recommended Action Copy the error message and submit it, the configuration and any details about the events leading up to this error to Cisco

Table of Contents

This document describes how to use the Cisco Adaptive Security Device Manager (ASDM) to configure the Cisco 5500 Series Adaptive Security Appliance (ASA) to act as a remote VPN

ASA/PIX 7.x to Support Dual ISP Links Configuration Example

This document also describes how to use the Cisco Adaptive Security Device Manager (ASDM) to configure the PIX 500 Series Security Appliance or ASA 5500 Series Security Appliance

Cisco IPsec and SSL VPN Solutions Portfolio

The extensive portfolio of Cisco ® VPN solutions includes Cisco routers, Cisco Catalyst ® 6500 Series Switches, and Cisco ASA 5500 Series Adaptive Security Appliances..

Cisco Router and Security Device Manager Cisco WebVPN

For IP address and name, select the IP address that users will enter to access the WebVPN portal page; Cisco SDM lists the IP addresses of all configured router interfaces and

Catalyst 6500 Series Switch WebVPN Services Module Software Configuration Guide

Catalyst 6500 Series Switch WebVPN Services Module Software Configuration Guide Copyright © 2005, Cisco Systems, Inc.. All