Archive for January, 2013

ASA Troubleshooting: Packet-Tracer and Capture

January 21st, 2013 Comments off

Cisco has released an incredible new feature in ASA software version 7.2(1) that virtually eliminates the guesswork. Packet-tracer allows a firewall administrator to inject a virtual packet into the security appliance and track the flow from ingress to egress. Along the way, the packet is evaluated against flow and route lookups, ACLs, protocol inspection, NAT, and IDS. The power of the utility comes from the ability to simulate real-world traffic by specifying source and destination addresses with protocol and port information.

Packet-tracer is available both from the CLI and in the ASDM. The ASDM version even includes animation (the value of which is questionable, but it is fun to watch), and the ability to navigate quickly to a failed policy.

CLI syntax:


Packet-tracer does more than just inject a ‘virtual’ packet into the data-plane. One can also add the ‘trace’ option to the capture command, so that actual packets the security appliance receives (which are matched by the capture) are also traced.

To view the packet-trace from captured packet #3 in the capture, use the command:

Categories: Networking

My PMP certificate finally arrived

January 15th, 2013 Comments off

HR came and asked me to take some vacation days because I had so many left. So I stayed home for 2 weeks and pushed full force on my studying plan. I was able to pass the exam about 2 months earlier than the original plan with a full time job.

Some said “It’s not the destination, it how you get there” , I enjoyed this journey.


Categories: Project Management