76-7
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 76 Troubleshooting
Testing Your Configuration
Step 6 Specify the minimum and maximum TTL values for the first probes. The minimum default is one, but it
can be set to a higher value to suppress the display of known hops. The maximum default is 30. The
traceroute terminates when the packet reaches the destination or when the maximum value is reached.
Step 7 Check the Specify source interface or IP address check box. Choose the source interface or IP address
for the packet trace from the drop-down list. This IP address must be the IP address of one of the
interfaces. In transparent mode, it must be the management IP address of the adaptive security appliance.
Step 8 Check the Reverse Resolve check box to have the output display the names of hops encountered if name
resolution is configured. Leave this check box unchecked to have the output display IP addresses.
Step 9 Check the Use ICMP check box to specify the use of ICMP probe packets instead of UDP probe packets.
Step 10 Click Trace Route to start the traceroute.
The Traceroute Output area displays detailed messages about the traceroute results.
Step 11 Click Clear Output to start a new traceroute.
Tracing Packets with Packet Tracer
The packet tracer tool provides packet tracing for packet sniffing and network fault isolation, as well as
detailed information about the packets and how they are processed by the adaptive security appliance. If
a configuration command did not cause the packet to drop, the packet tracer tool provides information
about the cause in an easily readable manner.
In addition, you can trace the lifespan of a packet through the adaptive security appliance to see whether
the packet is operating correctly with the packet tracer tool. This tool lets you do the following:
• Debug all packet drops in a production network.
• Verify the configuration is working as intended.
• Show all rules applicable to a packet, along with the CLI commands that caused the rule addition.
• Show a time line of packet changes in a data path.
• Inject tracer packets into the data path.
To open the packet tracer, perform the following steps:
Step 1 In the main ASDM application window, choose Tools > Packet Tracer.
The Cisco ASDM Packet Tracer dialog box appears.
Step 2 Choose the source interface for the packet trace from the drop-down list.
Step 3 Specify the protocol type for the packet trace. Available protocol types include ICMP, IP, TCP, and UDP.
Step 4 Enter the source address for the packet trace in the Source IP Address field.
Step 5 Choose the source port for the packet trace from the drop-down list.
Step 6 Enter the destination IP address for the packet trace in the Destination IP Address field.
Step 7 Choose the destination port for the packet trace from the drop-down list.
Step 8 Click Start to trace the packet.
The Information Display Area shows detailed messages about the packet trace.
To Next Page
Loading...
Need help?
General
