debugging a traffic of a specific IP on cisco routers

Unanswered Question
May 13th, 2008
User Badges:


if i need to debug the traffic of only one ip address on a cisco router , how can i do this??

i know that an access list may be used , but please clarify the method for me?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
amritpatek Mon, 05/19/2008 - 09:03
User Badges:
  • Silver, 250 points or more


The debug procedure is the following:

PLEASE make sure to use this commands very carefully. If there's a lot of traffic between

hosts you may crash the router.

1) Turn "on" process switching under both interfaces in the router.


Router(config-if)#no ip route-cache


Router(config-if)#no ip route-cache

2) Create an access-list. Define specific traffic you want to monitorbetween hosts. For


Router(config)#access-list 199 permit tcp host x.x.x.x eq host y.y.y.y

Router(config)#access-list 199 permit tcp host y.y.y.y eq host x.x.x.x

3) If you are in a telnet session into the router turn "terminal monitor" on.

Router#term mon

If you are in a console session into the router, then the "logging console" command.

Router(config)#logging console

4)Finally the debug command.

Router#debug ip packet 199 detail

Where 199 is the access-list # we created.

5)Use the "un all" command to turn it off.

Router#un all

Here is a link also where you can find this procedure.

Using the Debug command.

If you turn on "process switching" on only one interface, you will only be able to debug

traffic on that particular interface as well.


This Discussion