How to tell if a Cisco ASA ACL is blocking or permitting traffic: test your ACL

Test your Cisco ASA or PIX ACL (access control list) to see whether the ACL is permitting traffic or blocking it.

Example command – packet-tracer input inside tcp 10.1.1.1 1024 10.4.1.1 23

What does the expected output look like when the flow is allowed?

primary# packet-tracer input inside tcp 10.1.1.1 1024 10.4.1.1 23

Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow

The full output prints 9 or 10 phases before this Result block, each with its own Result line. If the Action is deny, look back through those phases to find the one that dropped the flow; that phase shows what is blocking or denying your IP traffic.
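As an added example (not part of the original post), a small Python parser for packet-tracer output that reports the final Action and the first phase whose Result is DROP, so the denying rule can be read straight from that phase's Config lines. The sample output, interface name and ACL name are constructed for illustration, not captured from a real device.

```python
import re

# Constructed packet-tracer output (not captured from a real device): a telnet flow
# dropped by the inbound ACL on "inside". Real output has more phases than shown here.
SAMPLE_OUTPUT = """\
Phase: 1
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
found next-hop 10.4.1.1 using egress ifc outside

Phase: 2
Type: ACCESS-LIST
Subtype: log
Result: DROP
Config:
access-group inside_access_in in interface inside
access-list inside_access_in extended deny tcp any any eq telnet
Additional Information:

Result:
input-interface: inside
output-interface: outside
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
"""

def parse_phases(text):
    """One dict per 'Phase:' block: Phase, Type, Subtype, Result and the Config lines."""
    phases = []
    for block in re.split(r"\n\s*\n", text.strip()):   # blocks are blank-line separated
        if not block.startswith("Phase:"):              # skip the trailing "Result:" summary
            continue
        fields = dict(re.findall(r"^(Phase|Type|Subtype|Result):\s*(.*)$", block, re.M))
        cfg = re.search(r"^Config:\n(.*?)(?=^Additional Information:|\Z)", block, re.M | re.S)
        fields["config"] = cfg.group(1).strip().splitlines() if cfg else []
        phases.append(fields)
    return phases

def final_action(text):
    """The summary 'Action:' value (allow/drop), lower-cased, or None if absent."""
    m = re.search(r"^Action:\s*(\w+)", text, re.M)
    return m.group(1).lower() if m else None

def blocking_phase(text):
    """First phase with Result: DROP (the one that denied the flow), or None if allowed."""
    return next((p for p in parse_phases(text) if p.get("Result", "").upper() == "DROP"), None)
```

Paste the device's full packet-tracer output in place of SAMPLE_OUTPUT; blocking_phase() then returns the phase whose Config lines name the access-group and the matching access-list entry.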
