Packet Path Detection

Packet Path Detection Configuration

Diagnosis > Troubleshooting > Packet Path Detection

In the Packet Path Detection page, users can configure the packet path detection configurations and view the detection results in the report. You can configure the following configurations in this page:

Emulation detection
Online detection
Imported detection
Detected source

Emulation Detection

To perform the emulation detection, take the following steps:

Click Choose Detected Source. The Choose Detected Source dialog appears.
Select Emulation Packet and configure the corresponding settings. For detailed information, view the Options in the Emulation Packet dialog table as shown below.
Click Start to starts the detection. The system displays the detection flow in the flow chart and describes the detection process in the Detection Process tab. The flow chart contains all modules the packets passes in the system. After the detection for a particular module is completed, the status indicator above the module indicates the detection results.
- Green indicator (): Indicates the detection for this module has been passed. The system will proceed with the detection. Hover your mouse over this step to view its introduction.
- Yellow indicator (): Indicates the detection for this module has been passed, but there are potential security risks. The system will proceed with the detection. Hover your mouse over this step to view its introduction and the detection results. You can click the View Results link in the pop-up Detection Result tab to view the detailed detection report.
- Red indicator (): Indicates the detection for this module fails to pass. The system has stopped the detection. Hover your mouse over this step to view its introduction and the detection results. You can click the View Results link in the Detection Result tab to view the detailed detection report. If the failure is caused by the policy rule configurations, you can click the link in the Policy Rule step to jump to the policy rule configuration page.

After the detection is completed, view the detection results in the Detection Result tab. The detection results include the status indicator and detection result summary. You can click the View Details link to view the detailed detection report. The meanings of status indicators are as follows:
- Green indicator (): Indicates the detected source has passed all detection.
- Yellow indicator (): Indicates the detected source has passed all detection, but there are potential security risks in one or more steps. You can click the View Details link to view the potential risks and advice.
- Red indicator (): Indicates not all detection is passed by the detected source. You can click the View Details link to view the failure reasons and advice.

Options in the Emulation Packet dialog:

Options	Description
Source Name	Specify the name of the emulation packet.
Ingress Interface	Select the ingress interface of the emulation packet from the drop-down menu.
Src Address	Specify the source IP address of the emulation packet in the text box.
Dst Address	Specify the destination IP address of the emulation packet in the text box.
Protocol	Select the protocol of the emulation packet from the drop-down menu. When selecting TCP or UDP, specify the source and destination ports in the Src Port and Dst Port text boxes; when selecting ICMP, enter the ICMP type and code in the Type and Value text boxes.
Description	Specify the description for this emulation packet.

Buttons in the Emulation Packet dialog:

Options	Description
Zoom Out	Zoom out on the flow chart.
Zoom In	Zoom in on the flow chart.
Pause	Pause the detection.
Continue	Continue the detection.
Replay	Replay the detection.
Speed	Control the flow speed.

Online Detection

To perform the online detection, take the following steps:

Click Choose Detected Source. The Choose Detected Source dialog appears.
Select Online Packet and configure the corresponding settings. For detailed information, view the Options in the Online Packet dialog table as shown below.
Click Start to starts the detection. The system displays the detection process in the Detection Process tab. If errors occurred during the detection, a flow thumbnail in the area of the flow chart pops up to display the corresponding errors. After the detection is completed, you can click the flow thumbnail to view the details. During each detection process, the system can pop up at most six thumbnails.
After the detection is completed, view the detection results in the Detection Result tab. The detection results include the status indicator and detection result summary. You can click the View Details link to view the detailed detection report. About the meanings of status indicators, view step 3 in Emulation Detection.

Note: If one of the following situations happens during the detection, the system will stop the detection:

Click the Stop button;
Reach the upper limit of the detecting duration. If you do not set the detecting duration, the detecting duration keeps the default value (30 minutes);
The total number of errors of the same type reaches 10, for example, the flow is blocked by a same policy.
The total number of errors of different types reaches 5. Errors of different types mean the errors occurred in different modules or errors occurred in one module but are different types.
After selecting the Capture Packets option, the size of the captured packet file reaches 10M and errors occurred during the detection.

Options in the Online Packet dialog:

Option	Description
Source Name	Specify the name of the online packet.
Ingress Interface	Select the ingress interface of the online packet from the drop-down menu.
Source	Specify the source IP address or the user/user group of the online packet. Address: Select the radio button and enter the IP address in the text box. AAA Server: Select the radio button and select the desired server from the drop-down menu. If the type of the selected AAA server is local, select the corresponding user/user group from the drop-down menu; if the type of the selected AAA server is not local, enter the name of the corresponding user/user group in the text box.
Destination	Specify the destination IP address o of the online packet. Address: Select the radio button and enter the IP address in the text box. URL: Select the radio button and enter the URL in the text box.
Src Port	Specify the source port of the online packet.
Dst Port	Specify the destination port of the online packet.
Application	Specify the application type of the online packet.
Description	Enter the description of the online packet in the text box.

Buttons in the Online Packet dialog:

Option	Description
Zoom Out	Zoom out on the flow chart.
Zoom In	Zoom in on the flow chart.
Detecting Duration	Specify the detecting duration. After reaching the specified duration, the system will automatically stop the detection automatically. The default value is 30 minutes.
Capture Packets	Select this check box to enable the capture packets function. You can download the captured packets to a specified directory. Before selecting this check box, make sure the Packets Capture Tools function is disabled. For more information about the Packets Capture Tools function, see Introduction to Packets Capture Tools.
Stop	Stop the detection.
Pause	Pause the detection.
Continue	Continue the detection.
Replay	Replay the detection.
Speed	Control the flow speed.

Imported Detection

To perform the imported detection, take the following steps:

Click Choose Detected Source. The Choose Detected Source dialog appears.
Select Imported Packet and configure the corresponding settings. For detailed information, view the Options in the Imported Packet dialog table as shown below.
Click Start to starts the detection. The system displays the detection process in the Detection Process tab. If errors occurred during the detection, a flow thumbnail in the area of the flow chart pops up to display the corresponding errors. After the detection is completed, you can click the flow thumbnail to view the details. During each detection process, the system can pop up at most six thumbnails.
After the detection is completed, view the detection results in the Detection Result tab. The detection results include the status indicators and detection result summary. You can click the View Details link to view the detailed detection report. About the meanings of status indicators, view step 3 in Emulation Detection.

Note: If one of following situations happens during the detection, the system will stop the detection:

Click the Stop button;
The total number of errors of the same type reaches 10, for example, the flow is blocked by a same policy.
The total number of errors of different types reaches 5. Errors of different types mean the errors occurred in different modules or errors occurred in one module but are different types.
The imported packets have been all detected.

Options in the Imported Packet dialog:

Option	Description
Packet	Click the Browse button and select the packet file to import it. The maximum size of the imported packet file can be 20M.
Source Name	Specify the name of the imported packet.
Ingress Interface	Select the ingress interface of the imported packet from the drop-down menu.
Advanced
Src Address	Specify the source IP address of the imported packet.
Dst Address	Specify the destination IP address of the imported packet.
Protocol	Specify the protocol type or the protocol number of the imported packet.
Src Port	Specify the source port of the imported packet.
Dst Port	Specify the destination port of the imported packet.
Application	Specify the application type of the online packet.
Description	Enter the description of the online packet in the text box.

Buttons in the Imported Packet dialog:

Option	Description
Zoom Out	Zoom out on the flow chart.
Zoom In	Zoom in on the flow chart.
Pause	Pause the detection.
Continue	Continue the detection.
Replay	Replay the detection.
Speed	Control the flow speed.

Detected Sources

The detected sources dialog lists all detected sources in the system, including the emulation packet, online packet, and imported packet.

Click Choose Detected Source. In the Choose Detected Source dialog, select the Detected Sources tab. You can then perform the following actions:

Click Details in the Result column to view the detection report of the detected source.
Click Export in the Export Packet column to export the detected packet to the desired directory.
Click Edit in the Option column to edit the configurations of the detected source.
Click Delete in the Option column to delete the.