Finally found a way to dump packets on a Cisco Router for tracing.
Router (config)# logging buffered 15000 (this creates a large enough buffer to look at locally on the router,or you can configure the router to log the ACL matches to a Syslog Server).
Router (config)# access-list 101 permit tcp any gt 0 any gt 0 log
Router (config)# access-list 101 permit udp any gt 0 any gt 0 log
Router (config)# access-list 101 permit icmp any any
Router (config)# access-list 101 permit ip any any log (this entry is a â€œcatch-allâ€)
Router (config)# interface interfaceRouter (config-if)# ip access-group 101 in
Look at the log by using the show log command from the exec prompt. You should see IP addresses (source and destination), along with the used TCP or UDP ports (in parentheses):
One of the issues with the above is rate limiting on access-list’s, another way to trace packets is with debug, while this can be dangous, it can be usefull to. No need to use log in the access list.
no ip cef
!disable route cache
no ip route-cache
debug ip packet detail 101