Default interface command

It can be rather painful to remove all of the interface commands when all you want to do is “reset” the interface to it’s default configuration. To reset an interface to the default configuration simply type “default interface x/y” from global configuration mode.

Router(config)#default interface FastEthernet 1/0
Building configuration…
Interface FastEthernet 1/0 set to default configuration

H.323 inspection on ASA platform

When running h323 h225 inspection on an ASA using the command “inspect h323 h225” on an ASA in transparent mode routes are required for the inspection to work correctly. These routes are ONLY needed for the inspection process and are NOT used to route the actual traffic as the transparent mode firewall does not participate in routing.
More information can be found here

ASA/PIX Packet Capture

There is an excellent packet capture capability built in to the ASA/PIX software. In order to capture traffic perform the following:

1) Create an ACL to identify the traffic you want to capture:

access-list ACL_CAPTURE permit tcp any any eq smtp

2) Create the capture statement:

capture MYCAP access-list ACL_CAPTURE interface inside

If you want to see the entire packet you would need to add the “packet-length 1522”

capture MYCAP access-list ACL_CAPTURE packet-length 1522 interface inside

You can then do a “show capture MYCAP” to see the traffic.

If you want to download the capture to a sniffer (wireshark), you have to do that while the capture is running you do that from a browser with the URL https:///capture//pcap

NOTE: This assumes that the interface on your ASA is named “inside”