Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1032
Views
0
Helpful
0
Replies

system support trace for IP range?

00u1arh1c7Nbc5p2z5d7
Level 1
Level 1

‎12-17-2021 02:32 PM - edited ‎12-17-2021 02:32 PM

FTD 6.6.5

 

We've got a "Block" ACL based on source networks that's somehow being bypassed, but only for a single group of source networks in the ACL. Support tech couldn't find any explanation, and suggested we run a system support trace.

 

The only problem is that the network object being bypassed is a /22 CIDR range. I've tried entering both a range x.x.x.x-y.y.y.y and the x.x.x.x/22 when prompted to "Please specify a client IP address." It wants an individual IP address.  The adversary isn't using the same address twice. So to figure out what's going on here, it seems my only two options are to either successfully guess which address they're going to use next, or to launch a thousand system support traces at once.

 

Are there any other ideas for actually capturing this traffic? Some trick I'm missing?

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card