Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA - Troubleshooting Steps

Hi,

What troubleshooting steps are required to see if the traffic is passing from a specific host from internal network to DMZ or from outside to inside...

3 REPLIES

Re: ASA - Troubleshooting Steps

Hi,

A good step would be to go through the traffic logs.

However, if you dont want to go for logging/ syslog, these commands can be helpfull...

- "show access-list" >> to check the access-list hit count for that traffic.

- "show connection" >> to verify the entries in the connection table for your interesting traffic.

- "show xlate" >> to verify the entries in the NAT transalation table , whether correct NAT is configured or not.

Bronze

Re: ASA - Troubleshooting Steps

You can also use ASDM and filter the interesting traffic.

Silver

Re: ASA - Troubleshooting Steps

If you would capture traffic for VPN.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808c9a87.shtml

If you would capture traffic for specific source and destination:

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807c35e7.shtml

Configure above captures.

Thanks,

Dharmesh Purohit

298
Views
0
Helpful
3
Replies
CreatePlease to create content