11-08-2005 10:27 AM - edited 03-03-2019 12:43 AM
I have an access list as shown:
access-list 199 permit tcp host <ip address> any
What debugging command can I use so that I can see the TCP traffic from this specific list?
Thanks
11-08-2005 10:30 AM
Hi Corey,
Instead of enabling the debugs I think you can add the "log" keyword at the end of the access list and then you can check in the logs what all traffic is hitting this access list.
Also you can try
debug ip packet 199
Regards,
ANKUR
11-08-2005 01:42 PM
Corey
There is an implicit part of the answer by Ankur and I think it helps to make it explicit. If you add the log keyword to the access list, then you also need to apply the access list to appropriate interface(s). And you would need to determine if there is any interaction between this access list and any other access lists that may be applied on any interface.
I believe that you were probably looking for the debug ip packet 199 as Ankur has said. This modifies the debug output and only shows traffic that matches the access list. This can be very effective in reducing the impact of a debug that is potentially very disruptive.
Also if you are telnetted to a router when you do this you will need to do terminal monitor so that you can see the debug output.
HTH
Rick
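An added example, not part of the original thread: once the entry carries the log keyword and the list is applied to an interface, matches appear in syslog as %SEC-6-IPACCESSLOGP messages, and the script below totals them per flow for list 199. The log lines are constructed samples using documentation addresses, and the function name `summarize` is an assumption of this example.

```python
import re
from collections import Counter

# Constructed sample syslog lines (documentation addresses), in the format IOS
# emits for TCP/UDP matches on an extended ACL entry that carries "log".
SAMPLE_LOG = """\
Nov  8 10:31:02: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.0.2.10(1025) -> 198.51.100.5(80), 1 packet
Nov  8 10:31:07: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.0.2.10(1026) -> 198.51.100.5(443), 1 packet
Nov  8 10:36:02: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.0.2.10(1025) -> 198.51.100.5(80), 14 packets
Nov  8 10:36:09: %SEC-6-IPACCESSLOGP: list 101 denied udp 203.0.113.7(53) -> 192.0.2.10(5353), 1 packet
Nov  8 10:36:10: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
"""

LOGP = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\w+) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)


def summarize(log_text, acl="199", proto="tcp"):
    """Return packet totals per (src, dst, dport) for one ACL and protocol."""
    totals = Counter()
    for line in log_text.splitlines():
        m = LOGP.search(line)
        if not m or m["acl"] != acl or m["proto"] != proto:
            continue  # other ACLs, other protocols, unrelated syslog lines
        # IOS logs the first match at once and then sends periodic summaries
        # whose count covers packets since the previous report for that flow,
        # so the per-line counts are summed rather than taking the maximum.
        totals[(m["src"], m["dst"], int(m["dport"]))] += int(m["count"])
    return totals


if __name__ == "__main__":
    for (src, dst, dport), pkts in summarize(SAMPLE_LOG).most_common():
        print(f"{src} -> {dst}:{dport}  {pkts} packets")
```

Source ports are left out of the key so that repeated connections to the same service are counted together.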