Debug
The debug icmp trace command is used to capture the ICMP traffic of the user.
ciscoasa#debug icmp trace
The user pings the inside interface of the ASA (ping 192.168.1.1). This output is displayed on the console.
ciscoasa#
!- Output is suppressed.
ICMP echo request from 192.168.1.50 to 192.168.1.1 ID=512 seq=5120 len=32
ICMP echo reply from 192.168.1.1 to 192.168.1.50 ID=512 seq=5120 len=32
!- The user IP address is 192.168.1.50.
In order to disable debug icmp trace, use one of these commands:
no debug icmp trace
undebug icmp trace
undebug all, Undebug all, or un all
Each of these three options helps the administrator to determine the source IP address. In this example, the source IP address of the user is 192.168.1.50. The administrator is ready to learn more about application X and determine the cause of the problem.
No comments:
Post a Comment