Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
349
Views
0
Helpful
1
Replies

IP Packet debug on 29xx

netevilarch
Level 1
Level 1

‎04-18-2012 11:00 AM - edited ‎03-04-2019 04:04 PM

Hi All,

I wonder if someone can give me some guidance on using 'debug ip packet acl# det on a 2911.

On an older Cisco router you could set up an ACL

access-list 150 permit tcp any any eq 1023  and then run debug ip packet 151 det and this would give a good debug output for any traffic matching a TCP port of 1023.

Now when I try this on a 29xx ( Version 15.1(4)M3 ) I get the screen filling with a lot of multicats HSRP communications.

I have tried rewriting the acl to have other deny statements after the permit to limit the source or destination hosts and/or the ports but the HSRP data is still there.

like this

access-list 150 permit tcp any any eq 1023

access-list 150 deny udp any any eq 1985

or like this

access-list 150 permit tcp any any eq 1023

access-list 150 deny udp any any

access-list 150 deny tcp any any

So any ideas any one ?

Thanks

Cefyn

Labels:
0 Helpful
1 Reply 1

paolo bevilacqua
Hall of Fame
Hall of Fame

‎04-18-2012 11:06 AM

That may be due to a bug. New IOS, new bugs.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card