Cisco Systems OL-24201-01 manual Performing Connectivity Tests, Diagnostic Tool Description, 14-3

Egress (SGACL) Policy

Compares the Egress Policy (SGACL) between a network device and ACS.

See Comparing SGACL Policy Between a Network Device and ACS,

page 14-11for more information.

SXP-IP Mappings

Compares SXP mappings between a device and peers. See Comparing the

SXP-IP Mappings Between a Device and its Peers, page 14-12for more

information.

IP User SGT

Compares IP-SGTs on a device with ACS authentication-assigned

User-IP-SGT records. See Comparing IP-SGT Pairs on a Device with

ACS-Assigned SGT Records, page 14-14for more information.

Device SGT

Compares device SGT with ACS-assigned SGT. See Comparing Device

SGT with ACS-Assigned Device SGT, page 14-15for more information.

Option

Description

Hostname or IP Address

Enter the hostname or IP address of a connection you want to test. Click Clear to clear the

hostname or IP address that you have entered.

ping

Click to see the ping command output, where you can view the packets sent and received, packet

loss (if any) and the time for the test to complete.

traceroute

Click to see the traceroute command output, where you can view the intermediary IP addresses

(hops) between your ACS and the tested hostname or IP address, and the time for each hop to

complete.

nslookup

Click to see the nslookup command output, where you can see the server and IP address of your

tested domain name server hostname or IP address.

User Guide for Cisco Secure Access Control System 5.3

OL-24201-01

14-3