Some usefull debug commands for ASA:
packet-tracer input Internet tcp X.X.X.X http X.X.X.X 6 http
packet-tracer input Internet icmp X.X.X.X 8 0 X.X.X.X detailed
To do a capture:
access-list capin permit ip host 10.10.10.x host 10.10.20.x
access-list capin permit ip host 10.10.20.x host 10.10.10.x
capture in access-list capin interface inside
then initiate the traffic from client to server, and use "show capture capin" to see if you can see the traffic in both directions.
Check IP Route:
show route
show asp table routing
No comments:
Post a Comment