Integration Debugging Information

Similar documents
Troubleshooting. Testing Your Configuration CHAPTER

Summer Webinar Series

Configuring Cisco Mobility Advantage

Troubleshooting the Security Appliance

CISCO EXAM QUESTIONS & ANSWERS

Configuring Cisco Adaptive Security Appliance for SIP Federation

Access Rules. Controlling Network Access

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0)

Exam Name: Implementing Cisco Edge Network Security Solutions

Testing and Troubleshooting

Configuring Management Access

Overview of the Cisco NCS Command-Line Interface

Configuring the Hostname, Domain Name, Passwords, and Other Basic Settings

KillTest. 半年免费更新服务

Configuring Logging. Information About Logging CHAPTER

Interdomain Federation with Skype for Business

CertifyMe. CertifyMe

Interdomain Federation Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 11.5(1)SU2

Configuring the Cisco Phone Proxy

Trace Field Descriptions

Using Cisco Unified SIP Proxy Software

Fundamentals of Network Security v1.1 Scope and Sequence

Certified Cisco Networking Associate v1.1 ( )

Interdomain Federation for IM and Presence Service on Cisco Unified Communications Manager, Release 10.5(1)

Configure the ASA for Dual Internal Networks

Logging. About Logging. This chapter describes how to log system messages and use them for troubleshooting.

Exam Actual. Higher Quality. Better Service! QUESTION & ANSWER

Before Contacting Technical Support

Interdomain Federation for the IM and Presence Service, Release 10.x

ASACAMP - ASA Lab Camp (5316)

Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM

PIX/ASA as a DHCP Server and Client Configuration Example

PIX/ASA: PPPoE Client Configuration Example

Cisco CCNP Security Exam

NAC Appliance (Cisco Clean Access) In Band Virtual Gateway for Remote Access VPN Configuration Example

Logging. About Logging. This chapter describes how to log system messages and use them for troubleshooting.

Lab Applying a Logical Layered Model to a Physical Network

HPE Security ArcSight Connectors

Deploying Cisco ASA Firewall Features (FIREWALL) v1.0. Global Knowledge European Remote Labs Instructor Guide

IM and Presence Service Configuration for SIP Federation

DMP 128 Plus C V DMP 128 Plus C V AT. Cisco CUCM Configuration Guide REVISION: 1.1 DATE: SEPTEMBER 1 ST 2017

Laboration 2 Troubleshooting Switching and First-Hop Redundancy

New Features for ASA Version 9.0(2)

Managing CX Devices in Multiple Device Mode

Configuring Routes on the ACE

Cisco Exam. Volume: 223 Questions. Question No: 1 Which three commands can be used to harden a switch? (Choose three.)

Configuring ARP CHAPTER 5

IM and Presence Service Configuration for XMPP Federation

Read the following information carefully, before you begin an upgrade.

Using ASDM to manage a FirePOWER module on ASA

CISCO EXAM QUESTIONS & ANSWERS

TestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE. Modified

Modular Policy Framework. Class Maps SECTION 4. Advanced Configuration

Configuring System Message Logging

ARP Inspection and the MAC Address Table for Transparent Firewall Mode

Configuring Ethernet Management Ports

Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM

Managing Security Certificates in Cisco Unified Operating System

Transparent or Routed Firewall Mode

Configuring Ethernet Management Ports

Overview of this Integration

Cisco - ASA Lab Camp v9.0

Chapter 3 Review Questions

CISCO EXAM QUESTIONS & ANSWERS

Interdomain Federation with Office 365

Cisco Catalyst Operating System Software Release 8.6 for Cisco Catalyst 6500 Series Switches

SYSLOG Enhancements for Cisco IOS EasyVPN Server

Configuring the Cisco NAM 2220 Appliance

Use of the TCP/IP Protocols and the OSI Model in Packet Tracer

CISCO EXAM QUESTIONS & ANSWERS

Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release

Using the Management Ethernet Interface

Firewall Stateful Inspection of ICMP

Monitoring the Security Appliance

Viewing System Status, page 404. Backing Up and Restoring a Configuration, page 416. Managing Certificates for Authentication, page 418

Use Direct IP Address Calls Between Two Endpoints to Troubleshoot Call Quality Issues

Overview. ACE Appliance Device Manager Overview CHAPTER

ASA 8.x/ASDM 6.x: Add New VPN Peer Information in an Existing Site-to-Site VPN using ASDM

Managing Services Modules

This document describes the configuration of Secure Sockets Layer (SSL) decryption on the FirePOWER Module using ASDM (On-Box Management).

Firewall Stateful Inspection of ICMP

RealPresence Access Director System Administrator s Guide

CompTIA Exam JK0-023 CompTIA Network+ certification Version: 5.0 [ Total Questions: 1112 ]

tcp-map through type echo Commands

VPN Configuration Guide. Cisco ASA 5500 Series

PIX/ASA 7.x ASDM: Restrict the Network Access of Remote Access VPN Users

A. On the VCS, navigate to Configuration, Protocols, H.323, and set Auto Discover to off.

ASA 8.X and later: Add or Modify an Access List through the ASDM GUI Configuration Example

Cisco Passguide Exam Questions & Answers

Mobile MOUSe ROUTING AND SWITCHING FUNDAMENTALS ONLINE COURSE OUTLINE

Configuring DHCP, DDNS, and WCCP Services

PT Activity: Configuring a Zone-Based Policy Firewall (ZPF)

FTD: How to enable TCP State Bypass Configuration using FlexConfig Policy

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Oracle Enterprise Communications Broker Release Notes. Release P-CZ2.2.0

Platform Settings for Firepower Threat Defense

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Cisco CISCO Securing Networks with ASA Advanced. Practice Test. Version

Inspection of Router-Generated Traffic

Transcription:

APPENDIXC June 18, 2013, Debugging Information for Cisco Adaptive Security Appliance, page C-1 Debugging Access Edge and OCS Server, page C-5 Debugging Information for Cisco Adaptive Security Appliance Cisco Adaptive Security Appliance Debugging Commands, page C-1 Capturing the Output on the Internal and External Interfaces, page C-3 TLS Proxy Debugging Commands, page C-3 Cisco Adaptive Security Appliance Debugging Commands Table C-1 lists the debugging commands for the Cisco Adaptive Security Appliance. Table C-1 Cisco Security Appliance Debugging Command To Use the Command Notes Show ICMP packet information for pings to the Cisco Adaptive Security Appliance interfaces Show messages relating to the certificate validation between Cisco Unified Presence/Cisco Adaptive Security Appliance or Cisco Adaptive Security Appliance/for eign domain Show the SIP messages sent through Cisco Adaptive Security Appliance debug icmp trace debug crypto ca debug crypto ca messages debug crypto ca transactions debug sip We strongly recommend that you disable debug messages once you have completed your troubleshooting. To disable ICMP debug messages, use the no debug icmp trace command. You can increase log level on ASA by adding the log level parameter to this command, for example: debug crypto ca 3 Shows only debug messages for input and output messages Shows only debug messages for transactions C-1

Debugging Information for Cisco Adaptive Security Appliance Appendix C Table C-1 Cisco Security Appliance Debugging Command (continued) To Use the Command Notes Send log messages to a buffer (for later terminal monitor viewing) Enable system log messages logging on We strongly recommend that you disable system log messages once you have completed your troubleshooting. To disable system log messages, use the no logging on command. Send system log messages to a buffer logging buffer debug Set system log messages to be sent to Telnet or SSH sessions logging monitor debug Designate a (syslog) server to receive the system log messages logging host <interface_name> <ip_ address> The interface_name argument specifies the Cisco Adaptive Security Appliance interface through which you access the syslog server. The ip_address argument specifies the IP address of the syslog server. Ping the Interfaces ping Refer to the Troubleshooting section of the Cisco Security Appliance Command Line Configuration Guide for details on pinging the Cisco Adaptive Security Appliance interfaces, and also pinging between hosts on different interfaces to ensure that the traffic can pass successfully through the Cisco Adaptive Security Appliance. You can also ping an interface in ASDM by selecting Tools > Ping. Note You will not be able to ping the public Cisco Unified Presence IP address. However the MAC address of the ASA outside interface should appear in the ARP table (arp a). Trace the route of a packet traceroute You can also trace the route of a packet in ASDM via Tools > Traceroute. Trace the life span of a packet through the Cisco Adaptive Security Appliance packet-tracer You can also trace the life span of a packet in ASDM via Tools > Packet Tracer. Related Topics TLS Proxy Debugging Commands, page C-3 C-2

Appendix C Debugging Information for Cisco Adaptive Security Appliance Capturing the Output on the Internal and External Interfaces Procedure Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Enter config mode: >Enable >password >config t Define an access-list to specify the traffic to be captured, for example: access-list cap extended permit ip 10.53.0.0 255.255.0.0 10.53.0.0 255.255.0.0 It is recommended that you clear the capture content before starting the tests. Use the command clear capture in to clear the internal interface capture, and the command clear capture out to clear the external interface capture. Enter this command to capture the packets on the internal interface: cap in interface inside access-list cap Enter this command to capture the packets on the external interface: cap out interface outside access-list cap Enter this command to capture TLS specific packets: capture <capture_name> type tls-proxy interface <interface_name> Enter this command to retrieve the packet capture: copy /pcap capture:in tftp://xx.xx.xx.xx copy /pcap capture:out tftp://xx.xx.xx.xx Enter this command to copy the output to disk and retrieve using ASDM (Actions > File Management > File Transfer): copy /pcap capture:in disk0:in_1 TLS Proxy Debugging Commands Table C-2 lists the debugging commands for the TLS Proxy. Table C-2 TLS Proxy Debugging Commands To Enable TLS proxy-related debug and syslog output Show a TLS proxy session output Use the Command(s) debug inspect tls-proxy events debug inspect tls-proxy errors debug inspect tls-proxy all show log C-3

Debugging Information for Cisco Adaptive Security Appliance Appendix C Table C-2 TLS Proxy Debugging Commands To Check the active TLS proxy sessions View the detail of the current TLS proxy sessions (Use when Cisco Adaptive Security Appliance successfully establishes connections with Cisco Unified Presence and the foreign domain) Use the Command(s) show tls-proxy show tls-proxy session detail C-4

Appendix C Debugging Access Edge and OCS Server Debugging Access Edge and OCS Server Initiating a Debug Session on OCS/Access Edge, page C-5 Verifying the DNS Configuration on Access Edge, page C-5 Initiating a Debug Session on OCS/Access Edge Procedure Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Select Start > Administrative Tools > Computer Management on the external Access Edge server. Right-click Microsoft Office Communications Server 2007 in the left pane. Select Logging Tool > New Debug Session. Select SIP Stack in the Logging Options. Select All for the Level value. Select Start Logging. Select Stop Logging when complete. Select Analyze Log Files. Verifying the DNS Configuration on Access Edge Procedure Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 On the external Access Edge server, select Start > Administrative Tools > Computer Management. Right-click on Microsoft Office Communications Server 2007in the left pane. Select the Block tab. Check that the domain not blocked. Ensure that the following options are selected in the Access Methods pane: Federate with other domains Allow discovery of federation partners Check the Access Edge is publishing DNS SRV records. C-5

Debugging Access Edge and OCS Server Appendix C C-6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback