| Exam 300-209 | Question id=1710 | Troubleshooting, Monitoring and Reporting Tools |
A user with IP address 10.10.10.10 is unable to access a HTTP website at IP address 209.165.200.225 through a Cisco ASA. Which two features and commands will help troubleshoot the issue?
| A. |
Capture user traffic using command
capture capin interface inside match ip host 10.10.10.10 any
| |
| B. |
After verifying that user traffic reaches the firewall using syslogs or captures, use packet tracer command
packet-tracer input inside tcp 10.10.10.10 1234 209.165.200.225 80
| |
| C. |
Enable logging at level 1 and check the syslogs using commands
logging enable
logging buffered 1
show logging | include 10.10.10.10
| |
| D. |
Check if an access-list on the firewall is blocking the user by using command
show running-config access-list | include 10.10.10.10
| |
| E. |
Use packet tracer command
packet-tracer input inside udp 0.10.10.10 1234192.168.1.3 161
to see what the firewall is doing with the user's traffic |