Handling tcp packet loss, Reloading the asa, Performing password recovery – Cisco ASA 5505 User Manual
Page 1864
82-8
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 82 Troubleshooting
Reloading the ASA
•
Debug all packet drops in a production network.
•
Verify the configuration is working as intended.
•
Show all rules applicable to a packet, along with the CLI commands that caused the rule addition.
•
Show a time line of packet changes in a data path.
•
Inject tracer packets into the data path.
•
Search for an IPv4 or IPv6 address based on the user identity and the FQDN.
To trace packets, enter the following command:
Handling TCP Packet Loss
To troubleshoot TCP packet loss, see the
“Customizing the TCP Normalizer with a TCP Map” section
for more information.
Reloading the ASA
To reload the ASA, enter the following command:
Performing Password Recovery
This section describes how to recover passwords if you have forgotten them or you are locked out
because of AAA settings, and how to disable password recovery for extra security. This section includes
the following topics:
•
Recovering Passwords for the ASA, page 82-9
Command
Purpose
packet-tracer input
[ifc_name] [icmp [sip | user
username | fqdn fqdn-string] type code ident [dip |
fqdn
fqdn-string]] | [tcp [sip | user username |
fqdn
fqdn-string] sport [dip | fqdn fqdn-string]
dport] | [udp [sip | user username | fqdn fqdn-
string] sport [dip | fqdn fqdn-string] dport] |
[rawip [sip | user username | fqdn fqdn-string] [dip
| fqdn fqdn-string]] [detailed] [xml]
Example:
hostname# packet-tracer input inside tcp 10.2.25.3
www 209.165.202.158 aol detailed
Provides detailed information about the packets and how they
are processed by the ASA. The example shows how to enable
packet tracing from inside host 10.2.25.3 to external host
209.165.202.158, including detailed information.
Command
Purpose
reload
Example:
hostname (config)# reload
Restarts the ASA.
Note
In multiple mode, you can only reload from the system execution
space.