Jacob Durham

Debug a single ip address on ASA 5515

I need to debug/monitor traffic from a specific IP on a Cisco ASA 5515.

I want the terminal to display information about traffic from a certain IP address in the terminal monitor of my ASA.

I assume it's something like debug ip 192.168.4.4

Is this possible?
ArneLovius

The debug command is for processes, an IP address is not a process, so "debug <ip address>" will not work.

ASA firewalls have a packet capture capability (like tcpdump) which can be configured to only capture specific packets, but I would guess from your question that you are more interested in what the ASA does (allow/deny etc) to packets that involve a specific host.

If you were instead interested in what the ASA does to traffic that involves a specific address, you could set the log output to debug, and then filter the log on the IP address of interest.
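
The log-filtering approach described in the reply above, as an added example that is not part of the thread: an offline Python filter over exported ASA syslog text that matches the host as a whole address, so 192.168.4.4 does not also pull in 192.168.4.40 the way a plain substring filter does. The log lines, interface names and ACL name are constructed sample data, and the function names are this example's own.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in ASA syslog style (not taken from a real device).
SAMPLE_LOG = """\
Jan 01 2024 10:00:01: %ASA-6-302013: Built outbound TCP connection 1234 for outside:203.0.113.10/443 (203.0.113.10/443) to inside:192.168.4.4/51515 (198.51.100.2/51515)
Jan 01 2024 10:00:02: %ASA-6-302013: Built outbound TCP connection 1235 for outside:203.0.113.10/443 (203.0.113.10/443) to inside:192.168.4.40/51000 (198.51.100.2/51000)
Jan 01 2024 10:00:03: %ASA-4-106023: Deny tcp src inside:192.168.4.4/51600 dst outside:203.0.113.20/25 by access-group "inside_in" [0x0, 0x0]
Jan 01 2024 10:00:06: %ASA-6-302014: Teardown TCP connection 1234 for outside:203.0.113.10/443 to inside:192.168.4.4/51515 duration 0:00:05 bytes 4321 TCP FINs
Jan 01 2024 10:00:07: %ASA-4-106023: Deny udp src inside:192.168.4.41/53000 dst outside:203.0.113.30/53 by access-group "inside_in" [0x0, 0x0]
"""

# "%ASA-<severity>-<message id>: <text>"
ASA_MSG = re.compile(r"%ASA-(?P<sev>\d)-(?P<msgid>\d{6}): (?P<text>.*)")
# Dotted quads that are not embedded in a longer run of digits and dots.
IPV4 = re.compile(r"(?<![\d.])\d{1,3}(?:\.\d{1,3}){3}(?!\d|\.\d)")


def events_for_host(log_text, host):
    """Return (msgid, action, line) for messages that name exactly `host`."""
    target = ipaddress.ip_address(host)
    events = []
    for line in log_text.splitlines():
        m = ASA_MSG.search(line)
        if not m:
            continue
        addrs = set()
        for token in IPV4.findall(m["text"]):
            try:
                addrs.add(ipaddress.ip_address(token))
            except ValueError:  # not a valid address, e.g. 999.1.1.1
                continue
        if target in addrs:
            # The first word of the text is the disposition: Built, Teardown, Deny
            events.append((m["msgid"], m["text"].split()[0], line))
    return events


def summarize(events):
    """Count what the firewall did with the host's traffic."""
    return Counter(action for _, action, _ in events)


if __name__ == "__main__":
    hits = events_for_host(SAMPLE_LOG, "192.168.4.4")
    print(dict(summarize(hits)))
    for msgid, action, line in hits:
        print(msgid, action, line, sep=" | ")
```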
ASKER CERTIFIED SOLUTION
Pete Long


ASKER

Thank you. This gave me what I needed.