Friday, May 26, 2017

How to identify what is blocking your traffic from passing through a Cisco ASA



The packet-tracer command can be used in privileged EXEC mode to generate a packet and test it against the firewall's current configuration.
It allows an administrator to inject a virtual packet into the ASA and track its flow from ingress to egress. Along the way, the packet is evaluated against flow and route lookup, ACLs, protocol inspection, NAT, and IDS.

If traffic that you expect an ASA to forward from one of its interfaces to another is not getting through, the "packet-tracer" tool can help you pinpoint exactly what on the ASA is blocking it. The power of this utility comes from its ability to simulate real-world traffic by specifying source and destination addresses together with protocol and port information.
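When a trace has many phases, the blocking one can be picked out of saved output with a short script. The following is an added example, not part of the original post: the sample trace is constructed (interface names, addresses, ports and the ACL name are assumptions), and the function names `parse_trace` and `first_drop` are hypothetical.

```python
# Constructed sample shaped like the output of a trace such as
#   packet-tracer input outside tcp 198.51.100.10 12345 192.0.2.20 443
SAMPLE = """\
Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:

Phase: 2
Type: ACCESS-LIST
Subtype: log
Result: DROP
Config:
access-group outside_in in interface outside
access-list outside_in extended deny ip any any
Additional Information:

Result:
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
"""

def parse_trace(text):  # -> (list of per-phase dicts, final summary dict)
    phases, summary, cur, section = [], {}, None, None
    for line in map(str.strip, text.splitlines()):
        key, sep, val = line.partition(":")
        if key == "Phase" and sep:
            cur, section = {"phase": int(val), "config": []}, "head"
            phases.append(cur)
        elif line == "Result:":  # bare "Result:" opens the final summary
            cur, section = None, "summary"
        elif cur and line in ("Config:", "Additional Information:"):
            section = line
        elif section == "summary" and sep:
            summary[key.lower()] = val.strip()
        elif section == "head" and sep:
            cur[key.lower()] = val.strip()  # Type / Subtype / Result
        elif section == "Config:" and line:
            cur["config"].append(line)  # config lines that matched this phase
    return phases, summary

def first_drop(text):
    """Return (first phase whose Result is DROP, or None) and the summary."""
    phases, summary = parse_trace(text)
    return next((p for p in phases if p.get("result") == "DROP"), None), summary

if __name__ == "__main__":
    print(first_drop(SAMPLE))
```

For the sample above it reports phase 2 (ACCESS-LIST) together with the two ACL lines that matched, which is the rule to review.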

The following link is an interesting YouTube video that shows how to use this tool from ASDM: Click Right Here To Access The Video
