Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
300
Views
0
Helpful
1
Replies

Command required for trouble shooting .

k_jeevanandhan
Level 1
Level 1

‎02-03-2015 11:24 PM - edited ‎03-11-2019 10:26 PM

Hi ,

As I am new to Cisco , request to suggest the most matching command to trouble shoot the Cisco ASA and  FWSM  in the command line interface.

 

Pls  find the below questions.

 

  1. How can I check the traffic   hit   for a particular ip   address   in command line  interface .

 

   Ie   how can I check  whether a   particular ip address   traffic allowed through the firewall  or is it blocking in the firewall .  ACL   traffic is allowed by specifying   network group only . No individual host ip address   are using.

 

 2 . How   do I   know  the  TCP three way hand shake getting completed or not  .

 

Ie for a particular ip  address  how do I know TCP  sync or flag  status .I mean how do I confirm the  tcp   three way handshake is getting completed or not.

 

Regards,

jeevanandhan

 

Labels:
0 Helpful
1 Reply 1

Rishabh Seth
Level 7
Level 7

‎02-03-2015 11:35 PM

>>To check how ASA will treat a particular flow you can use packet-tracer utility:

++link for packet tracer: https://supportforums.cisco.com/document/29601/troubleshooting-access-problems-using-packet-tracer

 

>> To check and understand tcp connection status you can use sh conn address <ip-add>

++ refer this for tcp connections: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113602-ptn-113602.html

 

 

hope it helps.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card