Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

How to debug ACE traffic through ACE

I have the following test setup :

internet----ASA----ACE(a user context)---client.

I have some problems with icmp messages being dropped and some traffic that is not allowed.

How can i debug blocked traffic on the ACE ? I can't put a "log" entry on the end of an access-list rule neither can i debug ip traffic.

What should i do ?

1 REPLY
Bronze

Re: How to debug ACE traffic through ACE

You can capture packets on the ACE Context with "capture" and check them with a tool like wireshark.

If you have problems with icmp check if you're ACL on the client or server side vlan allows it.

You can also configure ICMP inspection if you dislike the behavior of traces from the server side to the outside.

Roble

178
Views
0
Helpful
1
Replies
CreatePlease to create content