Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
38-31
Cisco AsyncOS 8.5 for Email User Guide
Chapter 38 Testing and Troubleshooting
Working with Technical Support
Checking the Status of the Support Connection
Procedure
Step 1
From the command-line interface, enter the
techsupport
command.
Step 2
Enter
status
.
Running a Packet Capture
Packet Capture allows support personnel to see the TCP/IP data and other packets going into and out of
the appliance. This allows Support to debug the network setup and to discover what network traffic is
reaching the appliance or leaving the appliance.
the appliance. This allows Support to debug the network setup and to discover what network traffic is
reaching the appliance or leaving the appliance.
Procedure
Step 1
Choose Help and Support > Packet Capture.
Step 2
Specify packet capture settings:
a.
In the Packet Capture Settings section, click Edit Settings.
b.
(Optional) Enter duration, limits, and filters for the packet capture.
Your Support representative may give you guidance on these settings.
If you enter a capture duration without specifying a unit of time, AsyncOS uses seconds by default.
In the Filters section:
–
Custom filters can use any syntax supported by the UNIX
tcpdump
command, such as
host
10.10.10.10 && port 80
.
–
The client IP is the IP address of the machine connecting to the appliance, such as a mail client
sending messages through the Email Security appliance.
sending messages through the Email Security appliance.
–
The server IP is the IP address of the machine to which the appliance is connecting, such as an
Exchange server to which the appliance is delivering messages.
Exchange server to which the appliance is delivering messages.
You can use the client and server IP addresses to track traffic between a specific client and a
specific server, with the Email Security appliance in the middle.
specific server, with the Email Security appliance in the middle.
c.
Click Submit.
Step 3
Click Start Capture.
•
Only one capture may be running at a time.
•
When a packet capture is running, the Packet Capture page shows the status of the capture in
progress by showing the current statistics, such as file size and time elapsed.
progress by showing the current statistics, such as file size and time elapsed.
•
The GUI only displays packet captures started in the GUI, not from the CLI. Similarly, the CLI only
displays the status of a current packet capture run started in the CLI.
displays the status of a current packet capture run started in the CLI.
•
The packet capture file is split into ten parts. If the file reaches the maximum size limit before the
packet capture ends, the oldest part of the file is deleted (the data is discarded) and a new part starts
with the current packet capture data. Only 1/10 of the packet capture file is discarded at a time.
packet capture ends, the oldest part of the file is deleted (the data is discarded) and a new part starts
with the current packet capture data. Only 1/10 of the packet capture file is discarded at a time.