Debugging TCP traffic

Unanswered Question
Nov 8th, 2005

I have an access list as shown:


access-list 199 permit tcp host <ip address> any


What debugging command can I use so that I can see the TCP traffic from this specific list?


Thanks

ankurbhasin Tue, 11/08/2005 - 10:30

Hi Corey,


Instead of enabling the debugs I think you can add the "log" keyword at the end of the access list and then you can check in the logs what all traffic is hitting this access list.


Also you can try


debug ip packet 199


Regards,


ANKUR

Richard Burts Tue, 11/08/2005 - 13:42

Corey


There is an implicit part of the answer by Ankur and I think it helps to make it explicit. If you add the log keyword to the access list, then you also need to apply the access list to appropriate interface(s). And you would need to determine if there is any interaction between this access list and any other access lists that may be applied on any interface.


I believe that you were probably looking for the debug ip packet 199 as Ankur has said. This modifies the debug output and only shows traffic that matches the access list. This can be very effective in reducing the impact of a debug that is potentially very disruptive.


Also if you are telnetted to a router when you do this you will need to do terminal monitor so that you can see the debug output.


HTH


Rick
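
Added example, not part of the original thread: once the `log` keyword is on access list 199 and the list is applied to an interface, matches appear in the router log, and a short script can total them per TCP flow. It assumes the standard IOS `%SEC-6-IPACCESSLOGP` message layout; the log lines and addresses are constructed samples, and `summarize_acl_hits` is a hypothetical helper name.

```python
import re
from collections import Counter

# Message IOS emits for a TCP/UDP match on an ACL entry carrying "log"
# (layout assumed from standard IOS syslog output).
ACL_LOG = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\w+) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
*Nov  8 10:31:02.117: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.0.2.10(51514) -> 198.51.100.20(443), 1 packet
*Nov  8 10:31:04.530: %SYS-5-CONFIG_I: Configured from console by vty0
*Nov  8 10:31:09.902: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.0.2.10(51520) -> 198.51.100.20(22), 1 packet
*Nov  8 10:36:02.121: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.0.2.10(51514) -> 198.51.100.20(443), 14 packets
*Nov  8 10:36:40.008: %SEC-6-IPACCESSLOGP: list 101 denied udp 203.0.113.5(53) -> 192.0.2.10(40000), 3 packets
"""


def summarize_acl_hits(log_text, acl="199", proto="tcp"):
    """Return packet totals per (src, sport, dst, dport) flow for one ACL."""
    flows = Counter()
    for line in log_text.splitlines():
        m = ACL_LOG.search(line)
        if not m or m["acl"] != acl or m["proto"] != proto:
            continue  # unrelated syslog line, other ACL, or other protocol
        # The first match is logged at once; later messages report the
        # packets seen since the previous message, so counts are summed.
        key = (m["src"], int(m["sport"]), m["dst"], int(m["dport"]))
        flows[key] += int(m["count"])
    return flows


if __name__ == "__main__":
    for (src, sport, dst, dport), pkts in summarize_acl_hits(SAMPLE_LOG).most_common():
        print(f"{src}:{sport} -> {dst}:{dport}  {pkts} packets")
```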
