Solved

Cisco IP Debuggin Not Working

Posted on 2004-08-09
9
1,294 Views
Last Modified: 2012-05-05
I am having problems getting DEBUG IP ICMP to work on my 7507.  This router have one fast ethernet interface and several serial interfaces as it serves as my frame relay router.

I have made sure that my NO IP ROUTE-CACHE command is applied to the interface that the packets I want to watch are comming from, but still no luck.  I have also tried applying an access list to no avail.

I'm just trying to ping between two 7507 routers.  

This is causing me to not be able to troubleshoot a routing issue right now on my backbone.

Suggestions?
0
Comment
Question by:TroyGA
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 11758166
Are you using a telnet session, or straight on the console port?
If using telnet, issue "term mon" command
0
 
LVL 1

Author Comment

by:TroyGA
ID: 11758562
Forgot to add that in ; yes using a telnet session with the following commands:

debug ip icmp
ter mon


0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11758630
0
 
LVL 1

Author Comment

by:TroyGA
ID: 11762250
I looked over the two articles listed here and have tried everything suggested.

Not using CEF or any other fast switch mechanisms.

It's just not working =/
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 4

Expert Comment

by:celsmk
ID: 11800685
In order to have your debugging messages appear in a console, you need the following:
1) Define target logging level:
    Level       Keyword       Description
    0         emergencies   System is unusable.
    1         alerts             Immediate action is needed.
    2         critical            Critical conditions exist.
    3          errors            Error conditions exist.
    4          warnings        Warning conditions exist.
    5          notification     Normal, but significant, conditions exist.
    6          informational  Informational messages.
    7          debugging      Debugging messages.
2) Define where you want to output logs: console, monitor (telnet session) or syslog
3) Configure logging:
    config t
    logging console <logging level>   <----if you want logging to serial port console
    or
    logging buffered                         <----if you want logging to telnet monitor
    logging monitor <logging level>
    or
    logging <ip address>                  <----if you want to log to syslog
    logging trap <level>
4) To see actual monitor logs, "term mon" at telnet session.

In your case:
configure:
logging buffered
logging monitor debug
exit
term mon
debug ip icmp

0
 
LVL 1

Author Comment

by:TroyGA
ID: 11802070
I wish I could say that worked but again, nothing is happening =(
0
 
LVL 4

Expert Comment

by:celsmk
ID: 11802855
A few things to check:
1) Configure "logging on";
2) If you are doing conditional debugging ("debug interface"), make sure you selectec the "right" interfaces, or just do "no debug interface" or "no debug interface all" to reset it;
3) If you are using conditional debugging, double check "debug condition" command nesting.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 11854343

I have had a similar problem sometimes and I never figured out why. You should definitely be able to do it with an access list. for example if you created the following access list and applied it both inbound and outbound, you should see every icmp packet logged:

access-list 100 permit icmp any any log
access-list 100 permit ip any any

All that logging stuff from earlier has nothing to do with whether you will see the debug output, it only affects how it logs the debug. If you set "term mon" in your vty session you will see it. On the console you have to set "logging console" but this is on by default.
0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
ID: 11854371
By the way, the above doesn't rely on debug at all- it's just logging packets. And a correction- if you want to see the logging messages in your term mon then you need to configure "logging level debug"

apply the access list to the appropriate interface with
access-group 100 in
access-group 100 out
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now