Assume I have an ASA 5510 with a very basic setup.
int e0/0 is the outside interface that is connected to the internet.
int e0/1 is the inside interface.
Now, computer 10.10.10.10 from the inside network browses the internet 220.127.116.11.
question 1: When I run a packet capture on this; is the inside interface the INGRESS interface and the outside interface the EGRESS interface?
question 2: If I want to see the return traffic coming back to 10.10.10.10 from 18.104.22.168, would I still look at the ingress capture? It looks like when you run a packet capture and specify an interface for ingress it automatically shows outbound and inbound traffic on that interface. Is that correct?