Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1319
Views
0
Helpful
3
Replies

FTD - ASP-DROP - Inspection failure (inspect-fail)

a12288
Level 3
Level 3

‎11-27-2022 09:43 PM

I have increased number of  Inspection failure (inspect-fail) from show asp drop, and would like to capture them for further investigation, and wonder what option should I use after capture my-capture type asp-drop ? Thanks.

Leo

1 person had this problem
0 Helpful
3 Replies 3

MHM Cisco World
VIP
VIP

‎11-28-2022 01:26 AM

show capture usually use after capture, 
and note disable capture after troubleshooting.

can you share show interface of ASA ??

0 Helpful

Peter Koltl
Level 7
Level 7

‎03-14-2025 06:48 AM 

> capture ASP1-insp type asp-drop inspect-fail
Syntax error: Illegal command line

"ASP Inspection failure" (inspect-fail) category: this particular drop grouping is reported as a summary value in the output of the "show asp drop" command. It aggregates several drop events associated with the inspection phase, and there isn’t a dedicated or direct capture filter (such as "inspect-fail") available for use with the capture command.

0 Helpful

Sheraz.Salim
VIP Alumni
VIP Alumni

‎03-17-2025 02:25 AM

capture packets dropped due to inspection failures for further investigation, use the command

> system support diagnostic-cli
capture ASP-DROP type asp-drop inspect-fail

This command creates a capture named "ASP-DROP" that specifically targets packets dropped by the Accelerated Security Path (ASP) due to inspection failures. Once the capture is set up, you can view the collected packets with

show ASP-DROP

please do not forget to rate.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card