01-14-2007 09:12 PM - edited 03-11-2019 02:19 AM
Hi... I have a PIX 6503 FWSM with FWSM Firewall Version 2.3(1)
I want to run a debug command on the Firewall module but am told that debug is very CPU intensive. Can someone tell me the exact syntax to run a debug on a specific source and destination
01-15-2007 12:42 AM
Hi Santokh
With version 2.3 the debugging does not work as it would on a standalone pix. From Cisco doc
"The FWSM cannot capture traffic that goes through the network processors (such as most through traffic)."
So if you want to debug traffic going to an FWSM interface you can but to debug traffic going through the FWSM from a source to a destination you can't.
You need to look at the capture command, a link is provided below:
I haven't used the capture command much. I usually track it down with access-lists ie:
you can have outbound and inbound access-lists with the FWSM so you can help narrow down where the traffic is getting to.
HTH
01-15-2007 03:27 AM
Hi Jon
Thanks for your reply.
You have confirmed what I suspected - it is difficult to debug traffic on a FWSM.
Thanks for tips on the capture command. I tried a few capture commands and they worked.
Regards
Santokh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: