On SRX, there is now a handy feature introduced in 12.1X46-D10. You can enable flow trace without going into configuration on the operational mode. I believe this will make troubleshooting easier as it saves time if you need to try different flow filters. Here is how you can enable a sample ICMP flow trace for
Read More »

Did you know that if you enable packet-mode in traffic interface of an SRX box, host inbound traffic isn’t allowed anymore? Device can still process transit traffic but inbound traffic won’t work. For example, apply a filter like below to an interface and try to SSH to IP 98.1.1.1, you shouldn’t be allowed. #show interfaces
Read More »

I wasn’t planning to put my notes about packet capture here today but I have got an issue with my ESX server file upload component. I kept receiving “I/O Error” during a file upload to datastore directly or big (e.g 1-2 GB) ova file deployments. I took several captures with no positive result in the
Read More »

If you want to debug a packet flow you can use the following config by which testdebug.log file will contain icmp traffic debugs. [edit security flow] root@host# show traceoptions {     file testdebug.log;     flag basic-datapath;     packet-filter look-icmp {         protocol icmp;     } }