cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1173
Views
0
Helpful
3
Replies

Cisco FWSM - How to check if packets are being dropped on a fwsm interface

cosimotodaro
Level 1
Level 1

Hi,

I want to check whether packets are being dropped on a FWSM interface.  How to do this? 

I was reading some Cisco documentation and the 'packets dropped' shown under the interface is not what I thought it meant

Interface Vlan100 "backbone", is up, line protocol is up

        MAC address 001b.2a13.6fc0, MTU 1500

        IP address 10.237.100.22, subnet mask 255.255.254.0

  Traffic Statistics for "backbone":

        202841061915 packets input, 199799113322222 bytes

        28922941827 packets output, 3125943828129 bytes

        9853070 packets dropped

3 Replies 3

Julio Carvajal
VIP Alumni
VIP Alumni

Hello,

Do captures...

Lets say you think the ASA is dropping HTTPS traffic between 2 hosts so you could create a capture specifing the interfaces where that traffic gets and leaves ( example inside-outside)

capture capin interface inside match tcp any any eq https

capture capout interface outside match tcp any any eq https

Then you do a show cap capin or show cap capout

if you see packets only on one side then that would mean packets are getting dropped on that interface as they are not reaching the other interface..

THE EASIEST capture

cap asp type asp-drop all circular-buffer

This will capture all of the packets being dropped by the FWSM

so

show cap asp | include x.x.x.x

Will show you the packets being dropped for that particular ip ( x.x.x.)

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hi,

Thanks for your reply and sorry for the delay.  I will try to do that, however it's not a Cisco ASA, but a Cisco FWSM.

Regards

Hello,

Either way The capture will work.,

Follow the instructions and keep us posted

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: