Troubleshoot an ASA Device Security Policy
Procedure
Step 1 | In the left pane, click . |
Step 2 | Select your ASA and view troubleshooting details in the Troubleshooting pane. |
Step 3 | In the pane, select the interface and packet type you want to send virtually through your ASA. |
Step 4 | (Optional) If you want to trace a packet where the security group tag value is embedded in the Layer 2 CMD header (Trustsec), check SGT number and enter the security group tag number, 0-65535. |
Step 5 | Specify the source and destination. You can specify IPv4 or IPv6 addresses, fully-qualified domain names (FQDN), or security group names or tags if you use Cisco Trustsec. For the source address, you can also specify a username in the format Domain\username. |
Step 6 | Specify other protocol characteristics:
|
Step 7 | Click Run Packet Tracer. |
Step 8 | Continue with Analyze Packet Tracer Results. |