Sniffen op een cisco router

Yes you can capture/snif traffic on a Cisco router, can be very useful for troubleshooting ;-).
The only requirement is IOS 12.4(20) and DRAM is the limit for buffering captured data.

create access-list that filters traffic you want to capture
conf t
no ip access-list extended CAPTURE_ACL
ip access-list extended CAPTURE_ACL
permit tcp 194.7.19.0 0.0.0.255 any
permit tcp any 194.7.19.0 0.0.0.255
end

Create buffer and link buffer with access-list

monitor capture buffer CAPTURE
monitor capture buffer CAPTURE filter access-list CAPTURE_ACL

Optionally change the packet-size to be captured

monitor capture buffer CAPTURE max-size 256

Create capture point (interface where to capture)

monitor capture point ip cef INT Vlan1 both

Create capture point (complete ‘router’)

monitor capture point ip process-swiched INT both

Link capture point with buffer

monitor capture point associate INT CAPTURE

Start/stop the capture

monitor capture point start INT
monitor capture point stop INT

Export the capture to a file

monitor capture buffer CAPTURE export flash:filename.cap

On the router make sure the scp server is running (ip scp server enable) if you want to copy the file to a server with the > SCP protocol e.g. Cacti. This file can be read with wireshark/ethereal or tcpdump.

Remove the configuration of the capture

conf t
no ip access-list extended CAPTURE_ACL
end
no monitor capture buffer CAPTURE
no monitor capture point ip cef INT Vlan1 both