https://community.cisco.com/t5/network-security/commands-to-monitor-particular-connection-in-pix-515/m-p/170166#M615609 <P>Hello ,</P><P></P><P>We have got pix 515 with IOS ver 6.2(1). We have created an access-list &amp; NAT for one of customer requirement to access a server behind the firewall. Sadly , customer can't able to connect to server inside . Is there any command like debug to monitor on the firewall for troubleshooting of this particular connection only (FYI , syslog is not enabled in fireawll ) . I tried with "show logging " comamnd which gives minimum information. </P><P></P><P>Regards,</P><P>Raju</P> Fri, 21 Feb 2020 06:52:01 GMT raju 2020-02-21T06:52:01Z https://community.cisco.com/t5/network-security/commands-to-monitor-particular-connection-in-pix-515/m-p/170166#M615609 <P>Hello ,</P><P></P><P>We have got pix 515 with IOS ver 6.2(1). We have created an access-list &amp; NAT for one of customer requirement to access a server behind the firewall. Sadly , customer can't able to connect to server inside . Is there any command like debug to monitor on the firewall for troubleshooting of this particular connection only (FYI , syslog is not enabled in fireawll ) . I tried with "show logging " comamnd which gives minimum information. </P><P></P><P>Regards,</P><P>Raju</P> Fri, 21 Feb 2020 06:52:01 GMT https://community.cisco.com/t5/network-security/commands-to-monitor-particular-connection-in-pix-515/m-p/170166#M615609 raju 2020-02-21T06:52:01Z https://community.cisco.com/t5/network-security/commands-to-monitor-particular-connection-in-pix-515/m-p/170167#M615611 <HTML><HEAD></HEAD><BODY><P>Hi Raju,</P><P></P><P>You could try cmd: debug packet <INTERFACE name=""> <SOURCE ip=""></SOURCE></INTERFACE></P><P></P><P>To stop debug use cmd: no debug all</P><P></P><P>The above will show you how/were the source IP (in this case your customer IP) is traversing over the PIX. Pls. be aware the debug cmd can generate HIGH cpu usage, so not recommended on production PIX.</P><P></P><P>Can you also post the result and PIX config if your still having problems - Pls. remember to exclude 'real' IP's and passwords etc.</P><P></P><P>Thanks --</P><P></P></BODY></HTML> Mon, 21 Jul 2003 06:35:59 GMT https://community.cisco.com/t5/network-security/commands-to-monitor-particular-connection-in-pix-515/m-p/170167#M615611 jmia 2003-07-21T06:35:59Z https://community.cisco.com/t5/network-security/commands-to-monitor-particular-connection-in-pix-515/m-p/170168#M615614 <HTML><HEAD></HEAD><BODY><P>Is the server the customer is trying to access in a DMZ, or on you actual internat network? Do you have a stattric command setup for the internal server to external address?</P></BODY></HTML> Tue, 22 Jul 2003 18:06:02 GMT https://community.cisco.com/t5/network-security/commands-to-monitor-particular-connection-in-pix-515/m-p/170168#M615614 pcrgm1119 2003-07-22T18:06:02Z https://community.cisco.com/t5/network-security/commands-to-monitor-particular-connection-in-pix-515/m-p/170169#M615616 <HTML><HEAD></HEAD><BODY><P>Hi!</P><P></P><P>Thanks for your reply . The server is located inside our Network (secured Network ). I do have a static command with external address for the server . We have similar entries for some other customers with different IP addresses and it's all working fine in secured way other than this new customer . I want to to know some commands like trace or something like that to findout what does firewall do when it receives packet or request from this new customer . </P><P></P><P>Thanks</P></BODY></HTML> Tue, 22 Jul 2003 18:32:13 GMT https://community.cisco.com/t5/network-security/commands-to-monitor-particular-connection-in-pix-515/m-p/170169#M615616 raju 2003-07-22T18:32:13Z