You can use the diagnose debug flow commands to do a policy simulation. An example of the output:
fw01 (root) # diagnose debug enable
fw01 (root) # diagnose debug flow show console enable
show trace messages on consolefw01 (root) # diagnose debug flow filter addr 10.10.1.25
fw01 (root) # diagnose debug flow trace start 5
You can stop the trace with the following commands:
fw01 (root) # diagnose debug flow trace stop
fw01 (root) # diagnose debug flow show console disable
do not show trace messages on consolefw01 (root) # diagnose debug disable
Leave a Reply