Hi guys,
I'm wondering is there the capacity on the srx platform to self generate traffic to test a policy rule?
The Cisco ASA can do it using the following commands:
acket-tracer input public rawip 201.201.201.201 51 146.247.40.125
Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 146.247.40.125 255.255.255.255 identity
Phase: 2
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
Phase: 3
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Result:
input-interface: public
input-status: up
input-line-status: up
output-interface: NP Identity Ifc
output-status: up
output-line-status: up
Action: drop
Drop-reason: (np-sp-invalid-spi) Invalid SPI
Thanks,
Paul