General Diagnostic in Security Groups

Based on the OSI model, you can run these commands:

Layer
Number

Layer
Name

Recommended
Diagnostic Commands

7

Application

N / A

6

Presentation

  • For information about the Firewall drops, run this command in the Expert mode:

    drop_monitor

    See Packet Drop Monitoring (drop_monitor).

  • For information about the Firewall drops, run this command in the Expert mode:

    g_fw ctl zdebug + drop

  • For information about the Software Blade Updates, run this command in the Expert mode:

    asg_swb_update_verifier

    See Collecting System Diagnostics (smo verifiers).

  • Examine the Security Gateway logs on the Management Server or Log Server

5

Session

  • For information about the Connections table, run this command in the Expert mode:

    g_fw tab -t connections -s

  • For information about the Firewall drops, run this command in the Expert mode:

    g_fw ctl zdebug + drop

  • For information about the performance, run this command in Gaia gClish or the Expert mode:

    asg perf -v -p

    See Monitoring Performance (asg perf).

  • For information about the VSX mode, run this command:

    asg perf -vs all -v --vvxxx

    See Monitoring Performance (asg perf).

4

Transport

  • For information about the Correction Layer and traffic flow, use the g_tcpdump command in the Expert mode

    See Multi-blade Traffic Capture (tcpdump).

  • For information about the VPN, examine the Security Gateway logs on the Management Server or Log Server

3

Network

2

Data Link

1

Physical

  • Run this command in Gaia gClish:

    show maestro port <Port>

  • For information about the Bond interfaces, run this command in the Expert mode:

    cat /proc/net/bonding/<Name of Bond Interface>

  • For information about the Port Link, run this command in the Expert mode:

    ethtool ethsBP<X>-<XX>

  • For information about the interface statistics, run this command in the Expert mode:

    ethtool -S ethsBP<X>-<XX>