Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

packet inspect


It seems some of our users (maybe all) get intermittent issues when conecting to websites.  For example when I connect to or it might take ages but load or fail, if I hit F5 to refresh then it loads immediately.  During this time our internet bandwidth is low and I have even disabled the IPS policies.

I have been asked to do a packet inspection from my PC ( to ( display the results in the CLI for that communication only, how can I do this?

I guess we want to see there are issues/delay with the syn,syn ack, ack process first then see what happens to the data?

I'm had a look at a couple of articles but looks complicated to me.

Cisco Employee

Re: packet inspect

check and see if you are inspecting http. "sh run policy-map" output should show you.

The command that you are looking for is this.

sh service-policy flow tcp host host eq 80

You are not using any proxy are you? If so try to eliminate that.

Make sure the interfaces do not show any incrementing erros (sh int | i errors). If so, resolve that first.


CreatePlease to create content