Filter
Top Products
3-10
Cisco ASDM User Guide
OL-16647-01
Chapter 3 Defining Preferences and Using Configuration, Diagnostic, and File Management Tools
Diagnostic Tools
• Loopback testing of two interfaces—A ping may be initiated from one interface to another on the
same security appliance, as an external loopback test to verify basic “up” status and operation of
each interface.
• Pinging to a security appliance—The Ping tool can ping an interface on another security appliance
to verify that it is up and responding.
• Pinging through a security appliance—Ping packets originating from the Ping tool may pass through
an intermediate security appliance on their way to a device. The echo packets will also pass through
two of its interfaces as they return. This procedure can be used to perform a basic test of the
interfaces, operation, and response time of the intermediate unit.
• Pinging to test questionable operation of a network device—A ping may be initiated from an
adaptive security appliance interface to a network device that is suspected to be functioning
incorrectly. If the interface is configured correctly and an echo is not received, there may be
problems with the device.
• Pinging to test intermediate communications—A ping may be initiated from an adaptive security
appliance interface to a network device that is known to be functioning correctly and returning echo
requests. If the echo is received, the correct operation of any intermediate devices and physical
connectivity is confirmed.
Troubleshooting the Ping Tool
When pings fail to receive an echo, it may be the result of a configuration or operational error in an
adaptive security appliance, and not necessarily because of no response from the IP address being
pinged. Before using the Ping tool to ping from, to, or through an adaptive security appliance interface,
perform the following basic checks:
• Verify that interfaces are configured by choosing Configuration > Device Setup > Interfaces.
• Verify that devices in the intermediate communications path, such as switches or routers, are
correctly delivering other types of network traffic.
• Make sure that traffic of other types from “known good” sources is being passed by choosing
Monitoring > Interfaces > Interface Graphs.
Pinging from a Security Appliance Interface
For basic testing of an interface, you can initiate a ping from an adaptive security appliance interface to
a network device that you know is functioning correctly and returning replies via the intermediate
communications path. For basic testing, make sure you do the following:
• Verify receipt of the ping from the adaptive security appliance interface by the “known good”
device. If the ping is not received, a problem with the transmitting hardware or interface
configuration may exist.
• If the adaptive security appliance interface is configured correctly and it does not receive an echo
reply from the “known good” device, problems with the interface hardware receiving function may
exist. If a different interface with “known good” receiving capability can receive an echo after
pinging the same “known good” device, the hardware receiving problem of the first interface is
confirmed.