Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
799
Views
0
Helpful
3
Replies

How to debug on a PIX

jerry.roy
Level 1
Level 1

‎10-21-2002 11:26 AM - edited ‎02-20-2020 10:19 PM

Hi all,

I have a bunch of PIX 506E's acting as a FW's for a VPN I have deployed. We have a Nortel Contivity client sitting behind it doing Nat Traversal connecting back to a Nortel 4500 Head end at Corp. The problem is that all other sites work except this one that just won't connect to the 4500 at the Corp office. I have spoken with the Service Provider and they have all ports blocked except 113,256,259,500. I want to know how to do an IP packet debug to confirm the PIX is not droping the attempt to connect. Please can someone send me the right commands? I have tried numerous examples and I am sorry, It is NOT IOS and the debugs suck.

Thanks,

Jerry Roy

949-221-7208

0 Helpful
3 Replies 3

edadios
Cisco Employee
Cisco Employee

‎10-21-2002 08:23 PM

There is no debug packet command on the pix.

If you were running the latest code 6.2.X, there is a capture command that you can use an acl with to filter what you want captured.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/c.htm#xtocid3 .

Regards,

0 Helpful

gfullage
Cisco Employee
Cisco Employee
In response to edadios

‎10-21-2002 09:01 PM

You can do:

debug packet src

and this'll show you all the packets from "src" coming in on interface "if-name".

0 Helpful

jerry.roy
Level 1
Level 1
In response to gfullage

‎10-22-2002 01:10 PM

Hi All,

How do I clear access-list counters and not remove the access-lists themselves. The PIX "Clear" statements are a joke.

Thanks,

Jerry

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card