Home / Cisco R&S / How to gather packet captures in pcap format on a router?

How to gather packet captures in pcap format on a router?

There are various ways to capture the packets on Cisco router here let see how we configure and then capture the packets required in pcap format.
Fig 1.1- Cisco IOS Embedded Packet Capture 1

Step1: Configure Capture ACL
!
ip access-l ext list
 permit tcp any any eq 80
 permit tcp any eq 80 any
!

Step2: Create a Traffic Policy
!
conf t 
ip traffic-export profile capout mode capture 
bidirectional 
length 512 
incoming access-list list 
outgoing access-list list 
exit
!
Fig 1.2- Cisco IOS Embedded Packet Capture-2

Step3: Apply the profile to interface
!
interface gi0/1 [Egress interface where you need to capture]
ip traffic-export apply capout size 300000
exit 
!

Step4: To start(and stop) packet capture -exit from config prompt
!
traffic-export interface gi0/1 clear - before starting
traffic-export interface gi0/1 start - before testing
traffic-export interface gi0/1 stop - stop after the test 
!

Step 5: Save is to flash and via tftp
!
traffic-export interface gi0/1 copy flash: 
!
or 
!
traffic-export interface gi0/1 copy tftp:
!