11-01-2016 08:49 AM - edited 11-01-2016 09:07 AM
Trying to utilize the "test security-policy-match" command to accomplish what I normally accomplish on the Cisco ASA using the packet tracer.
On the firewall
1- I have multiple interfaces configured with multiple zones/VR's
2- I need to test access to couple of destinations on a specific port
3- I am trying to use the any command in there but it returns an error
test security-policy-match protocol 6 from any to any destination 172.21.10.183 destination-port 8443
Is there a way for me to test that access outbound to the destination from all the zones or will I need to do them all one by one specifying the zone and then source IP?
I'm guessing I'll need to do it like this to get precise results
test security-policy-match protocol 6 from zone source #.#.#.# to zone destination 172.21.10.183 destination-port 8443
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
