We use a Cisco 877 router with a Dialer Interface for Internet and FE Interface for our LAN.
A few days ago we discovered that a specific website we access on a regular basis is not reachable from our office. However any network outside our office is able o get to the website.
It turned out that the Network Service Provider for this web hosting company has blocked tcp port 80 & 443 from our IP to their client's webserver.
During the trouble shooting I enabled TCP debugging for port 80 on the Cisco router & tried to telnet to the website from the router. The output I received on the router didn't indicate where the tcp packets are being blocked.
So my question is as follows: Is it possible to enable debugging whereby I can see at what hop & host IP the packets are dropped when using Cisco debugging?
traceroute is a good tool and as John indicates it will show the last hop from which you received a response. But normal traceroute uses either UDP packets (if it is a Cisco or *nix OS) or ICMP (if it is a Windows box) and the original poster is looking for where TCP was being dropped. There is a utility that does traceroute using TCP. I have not used it and can say how well it works. But it seems that it should do what the original poster wants.
Thank you for sharing your experience using tcptraceroute. I thought it sounded good and am glad to know that it is good.
And thank you for reminding me that the OP was asking about using a router to find this information. I had started to write my answer that there was not a way on the router to determine at what hop the TCP was being dropped. And then I remembered the TCP adaptation of traceroute. I got so enthused about this that I lost track of the context of the original question. So +5 to you.
So probably the real answer to the OP is that on the router itself there is not really a way to find the hop and host IP that is dropping TCP packets. But that using tcptraceroute on a host in the network it may be possible.
Just to let you know that I did use the traceroute tool to see where the packet was dropped, but after I used this I thought about posting the question.
Regarding the traceroute I went to geektools.com and from there selected the traceroute option at the top, right of the page. From the new page that opened I selected the first option under Australia which is pretty much a web interface looking glass to trace to a destination IP. (URL is http://looking-glass.connect.com.au/lg). This helps in that it is completely web driven instead of installing something onto my device(s). Maybe not as good as the above mentioned packages though.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.