Cisco uses a different way to run and save packet captures on its ASA firewall than a popular Linux tcpdump/Wireshark tools. Below is a quick guide to capture and then copy out a pcap file from the firewall for offline analysis.
Setting up your Packet Capture
The basic syntax is:
#capture <Name for capture> type raw-data match ip <source IP/Network> <Network Mask> <destination IP/Network> <Network MAsk>
#capture <Name for capture> packet-length 1522 buffer 524288
#capture <Name for capture> interface <Name of interface to capture on>