Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
778
Views
0
Helpful
2
Replies

Debug Command in a PIX 6503 FWSM

santokhrandhawa
Level 1
Level 1

‎01-14-2007 09:12 PM - edited ‎03-11-2019 02:19 AM

Hi... I have a PIX 6503 FWSM with FWSM Firewall Version 2.3(1)

I want to run a debug command on the Firewall module but am told that debug is very CPU intensive. Can someone tell me the exact syntax to run a debug on a specific source and destination

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎01-15-2007 12:42 AM

Hi Santokh

With version 2.3 the debugging does not work as it would on a standalone pix. From Cisco doc

"The FWSM cannot capture traffic that goes through the network processors (such as most through traffic)."

So if you want to debug traffic going to an FWSM interface you can but to debug traffic going through the FWSM from a source to a destination you can't.

You need to look at the capture command, a link is provided below:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_command_reference_chapter09186a0080350595.html#wp1165215

I haven't used the capture command much. I usually track it down with access-lists ie:

you can have outbound and inbound access-lists with the FWSM so you can help narrow down where the traffic is getting to.

HTH

0 Helpful

santokhrandhawa
Level 1
Level 1
In response to Jon Marshall

‎01-15-2007 03:27 AM

Hi Jon

Thanks for your reply.

You have confirmed what I suspected - it is difficult to debug traffic on a FWSM.

Thanks for tips on the capture command. I tried a few capture commands and they worked.

Regards

Santokh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card