I seem to be having trouble finding just the right syntax to capture all traffic between 2 IPs.
I've tried a number of commands, but haven't seemed to find the right combo.

I am on RHEL 8.8.
A list of commands I have tried:

tcpdump -s 0 -vv -c 100 -i ens192 -xX src host IP and dst host IP and not stp -w /tmp/capture.pcap

tcpdump -nli ens192 host IP and IP -w /tmp/allcap.pcap

tcpdump -s 0 -vv -c 100 -nli ens192 host IP and IP -w /tmp/allcap.pcap

I've tried separate commands for each IP. However, neither of those limits the capture to just the 2 IPs that I want.

tcpdump -ni ens192 src host IP -w /tmp/capout.pcap

tcpdump -ni ens192 dst host IP -w /tmp/capin.pcap

I'm trying other options, but I thought I'd try you guys.
Thanks

If you have space enough, it might be useful to capture the more complete dump and then filter the output to build a database of the traffic only involving BOTH of your two addresses.

If I understand correctly, you want only packets with both those IPs? Use and. Maybe something like this:
I only tested it with pings but it seems to work.

A you are wanting to capture packets going to another IP address that is not the machine that you are on? You need to put the ethernet interface into promiscuous mode.

Read about the security risk of doing that before you do.

I didn't have to worry about any of that.
tcpdump -s 0 -c 100 -vv src host 10.0.0.1 and dst host 10.0.0.2 -w /tmp/capin.pcap
I just changed the IP around and ran the command a 2nd time.
tcpdump -s 0 -c 100 -vv src host 10.0.0.2 and dst host 10.0.0.1 -w /tmp/capout.pcap.

Grabbed what I needed.

You can use following command to watch bi-direction traffic.
tcpdump -i ens192 -vv host 10.0.0.1 -w /tmp/capin.pcap