morwisconsin.blogg.se - Cisco asdm packet tracer

In the above code, replace with the IP address of your Auvik collector. Depending on the firmware version running on your ASA, you may find that a mask needs to be added to the above command. Threat-detection scanning-threat shun except Run the following commands on your Cisco ASA in privileged exec mode: configure terminal This confirms that the ASA is shunning the Auvik collector. Under Info, you should see (shunned) Packet shunned. If your trace contains an error message that says RESULT - The packet is dropped, collapse the plus sign to view additional diagnostic info. Contact our support team for help with additional troubleshooting. If your trace comes back with no errors (i.e., all green check marks), then shunning is not the issue. The trace will begin as indicated by the animation.

Click the Start button to begin the trace.

For Source Port and Destination Port, enter 443, which is the port for HTTPS traffic.

In the Destination field, select FQDN.

In the Source field, enter the IP address of your Auvik collector.

(This is typically your inside or management interface.)

From the Interface drop-down, select the interface that points towards your Auvik collector.

From the Tools menu, select Packet Tracer.

You have the IP address of your Auvik collector handy.

You’re performing this troubleshooting during a period of connectivity loss.

You have Cisco ASDM installed and configured (with administrative rights) on a workstation.

If it is, there are a couple of commands you can run to whitelist the Auvik collector from the ASA’s threat detection engine.

Using Cisco ASDM, you can test if Auvik is losing upstream connectivity to your WAN because of shunning. If your Auvik collector is intermittently disconnecting from our servers or losing Internet connectivity altogether and you have a Cisco ASA on your network’s perimeter, the ASA may be shunning the Auvik collector as a result of aggressive threat detection.