Cisco Cisco Web Security Appliance S170 Guía Del Usuario
A-10
Cisco AsyncOS 8.0.6 for Web User Guide
Appendix A Troubleshooting
Policy Problems
Policy Troubleshooting Tool: Policy Trace
•
•
•
•
About the Policy Trace Tool
The Policy Trace Tool can emulate a client request and then detail how the Web Proxy processes that
request. It can be used to trace client requests and debug policy processing when troubleshooting Web
Proxy issues. You may perform a basic trace or you may enter advanced trace settings and override
options.
request. It can be used to trace client requests and debug policy processing when troubleshooting Web
Proxy issues. You may perform a basic trace or you may enter advanced trace settings and override
options.
The policy trace tool evaluates requests against polices used by the Web Proxy only. These are Access,
Encrypted HTTPS Management, Routing, Data Security, and Outbound Malware Scanning polices.
Encrypted HTTPS Management, Routing, Data Security, and Outbound Malware Scanning polices.
Note
SOCKS and External DLP polices are not evaluated by the policy trace tool.
Note
When you use the policy trace tool, the Web Proxy does not record the requests in the access log or
reporting database
reporting database
Tracing Client Requests
Step 1
Choose System Administration > Policy Trace.
Step 2
Enter the URL you wish to trace to in the URL field.
Step 3
(Optional) Enter additional emulation parameters:
Step 4
Click Find Policy Match.
Table A-1
To emulate...
Enter...
The client source IP used to make the request.
An IP address in the Client IP Address field.
Note
If no IP address is specified, AsyncOS uses
localhost
localhost
The authentication credentials used to make the
request.
request.
A user name in the User Name field and select an
authentication realm in the Authentication Realm
drop-down list.
authentication realm in the Authentication Realm
drop-down list.
Note
For authentication to work for the user you
enter here, the user must have already
successfully authenticated through the Web
Security appliance.
enter here, the user must have already
successfully authenticated through the Web
Security appliance.