Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
617
Views
10
Helpful
3
Replies

How to check if a Cisco L3 device is blocking specific socket pair?

Go to solution
EricLu
Level 1
Level 1

‎10-20-2022 05:20 AM

Hi there,

I have a scenario question. Let's say you have one L3 switch. There is an access endpoint - a user laptop connected to the L3 Switch as well as a web server. The laptop and the webserver are on two separate VLANs, and also for good practice, on two separate subnets.

Let's say the user tries to access a website from the web server via port 443 and he/she fails to connect.

Besides watching matches on ACLs, is there a way to see if the failure is happening from within the Switch?

Thanks,

Eric

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP
In response to EricLu

‎10-20-2022 05:54 AM

@EricLu the embedded packet capture on the switch itself does not need a port mirror.

Or an alternative suggest is to run a port mirror of the interface of the client (source).

These are 2 different suggestions and can be run independently.

View solution in original post

3 Replies 3

Go to solution
EricLu
Level 1
Level 1
In response to Rob Ingram

‎10-20-2022 05:46 AM

Thanks for this reply,

I was looking for more of a debugging command or show command. Something that can be tracked within the Cisco iOS command, as I believe the packet capture will rely on another endpoint to get a port mirror.

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to EricLu

‎10-20-2022 05:54 AM

@EricLu the embedded packet capture on the switch itself does not need a port mirror.

Or an alternative suggest is to run a port mirror of the interface of the client (source).

These are 2 different suggestions and can be run independently.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card