69-18
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 69 Using External Monitoring, Troubleshooting, and Diagnostic Tools
Using the Packet Capture Wizard
Step 6 If desired, select Specify Source Interface or IP Address, and then do one of the following:
Select a source Interface from the dropdown list
Enter an IP Address
Step 7 If desired, select Reverse Resolve to reverse between displaying the address or hostname.
Step 8 If desired, select ICMP to use that protocol rather than IP.
Step 9 Click Trac e.
The traceroute terminates when the packet reaches the destination or when the TTL Max value is
reached. The hops taken and the device address corresponding to each hop are displayed.

Analyzing Configuration Using NS Lookup

You use the NS Lookup tool to look up a remote host address when you have the hostname, or to look
up the hostname when you have the address.
Unlike the Ping and Traceroute tools, NS Lookup is done on the Security Manager client.
Step 1 In Device view, select Tools > Ping, TraceRoute and NS Lookup . . ..
The Ping, TraceRoute and NS Lookup dialog box appears.
Step 2 Select the NS Lookup tab.
Step 3 Enter an address or hostname in IPv4Address/Hostname.
Alternatively, click Select to choose a host network/host object that defines the IP address.
Step 4 Optionally, to employ a particular DNS server in the lookup, enter the server’s name or address in DNS
Server.
Step 5 Click Lookup.
The system displays the particular address/hostname pair, as well as the DNS server used in the lookup.
Using the Packet Capture Wizard
You can use the Packet Capture Wizard to configure, run, view, and save captures for troubleshooting
errors. The captures can be run using preconfigured access lists or using match criteria of packet
parameters such as source and destination addresses/ports on one or more interfaces. The wizard runs
one capture on each of the ingress and egress interfaces. You can save the captures on the Cisco Security
Manager client computer to examine them using a packet analyzer.
TTL Min[optional] The minimum TTL value for the first probes. (Default is 1.)
TTL Max[optional] The maximum TTL value for the first probes.(Default is 30.)
Table69-5 Traceroute Fields (Continued)
Field Description