First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

How can determine which machine blocked the content

Hi Team,

If I have many appliances in my network as seen below for example. PC -> WSA -> Firewall1 -> Router -> Firewall2

And a request got blocked in Router or somewhere else. How can I find the exact part when the issue occurred, in another work, how can I know which appliance blocked the request.

Mohammad's avatar
1
Mohammad
asked 2020-01-06 20:01:32 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

There are usually few options depending on the exact behaviour of the network elements. First of all if you are lucky, you get a response packet back with an indication of the blockage (could be ICMP), which has the IP address of the blocking node.

Then if the nodes have management interfaces with statistics of some sort you can consult them directly to see if they increase when you send these blocked packets.

If that doesn't happen you wil have to go get a capture of the various network interfaces of the nodes to see if you can trace the packets that get blocked and see which node receives them but doesn't forward them.

Jaap's avatar
13.7k
Jaap
answered 2020-01-07 05:06:09 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer