09-14-2017 05:52 AM - edited 02-21-2020 06:18 AM
Hello Guys,
Following are basics, but I'm new to the FTD/FMC, just have a quick questions:
I've FTD 4100 series managed by FMC.
FTD image is used on FP4100.
1. How can i do ping test from the firewall.
Is it through FMC or FTD?
CLI/GUI?
2. If i'm creating a dynamic routing protocol such as OSPF.
How can i troublshoot it? FMC or FTD?
CLI/GUI?
How can i check the status of ospf? neighbors?....etc
3. How can i do packet tracer (same as old ASA)? is it available?
4. If i'm doing a connection test between servers behind the firewall, how can i see the real time logs for troublshooting what is going on?
Thanks in advance.
Regards
09-19-2017 06:50 PM
1. FTD cli.
2. Most of the show commands you are used to from ASA code are still available on the FTD cli.
3. packet-tracer utility is available from both the sensor (FTD) cli and FMC GUI. In the GUI it is under "System > Health > Monitor". Select the sensor there and then Advanced Troubleshooting (requires FMC 6.2 or later). Note you can remotely execute cli commands from this same location.
4. The connection events table is the best place to start (Analysis > Connections > Events). Filter the source or destination IP address and you will have a good view of the traffic through the device. Drop to packet-tracer or capture if needed for more in-depth troubleshooting.
02-25-2022 01:28 PM
Marvin, how is the ACTION column used? When it says "Allow" does it mean that it is currently blocked and you can allow the traffic or is the ALLOW mean it's currently being allowed?
02-26-2022 07:11 PM
@davsnet2000 the ACTION column is the record of what action was actually taken by the device. So ALLOW means that the connection was allowed.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide