Perform a TCP traceroute and PING to the Web Security.cloud

book

Article ID: 164129

calendar_today

Updated On:

Products

Web Security.cloud

Issue/Introduction

Capture information about the network route to the Web Security.cloud service using TCP trace route and PING

Resolution

To run a TCP Traceroute

  1.     Download and install WinPcap.
  2.     Download and install Trace TCP.
  3.     Once TraceTCP has been installed, open a command prompt (cmd) as the administrator and enter: tracetcp [add server address here]:[porthere].
tracetcp proxyX.RR.webscanningservice.com:3128 -c > c:\proxy1RR_tcp_1.txt
  • Where X is the proxy number and RR the proxy region, please refer to the proxy configuration to find out what is Web Security.cloud proxy hostname your infrastructure pointing to.
  • c:\proxy1RR_tcp_1.txt is the location and file name where the information is being saved to.

Once completed, please review the text file(s) and make sure that it contains information that can be analyzed. If the file shows information as:

[117.120.18.126:3128]  1    *    *    *    Request timed out.
[117.120.18.126:3128]  2    *    *    *    Request timed out.
[117.120.18.126:3128]  3    *    *    *    Request timed out.
This means that ICMP traffic is being blocked at the firewall level, the best approach is to allow the following ICMP types temporarily to produce the require responses from the network path.
  • Type 0 - Echo Reply (ping response)
  • Type 8 - Echo Request (ping request)
  • Type 11 - Time Exceeded
Once these types have been allowed, run the TCP trace command again, the file should show then the path:
Tracing route to proxy1.us.webscanningservice.com [216.82.251.251]
over a maximum of 30 hops:

  1     1 ms     1 ms     1 ms  todsrcatdsd01-vlan100.org.symantec.com [192.168.2.2]
  2     2 ms     1 ms     2 ms  ton1-rpi-wan-1-g0-0.org.symantec.com [192.168.2.129]
  3    34 ms     9 ms     8 ms  188.153.13.111
  4   123 ms    92 ms    92 ms  messagelabs-1.bar2.phx2.us.bb.symantec.net [70.255.255.194]
  5    98 ms    98 ms    98 ms  proxy1.az1.symsaas.net [216.82.251.251]

Trace complete.
  1. Run a PING, open a command prompt (cmd) as the administrator and enter: ping [add server address here].
ping proxyX.RR.webscanningservice.com > c:\proxy1RR_ping_1.txt
  • Where X is the proxy number and RR is the proxy region, please refer to the proxy configuration to find out what is Web Security.cloud proxy hostname your infrastructure pointing to.
  • c:\proxy1RR_tcp_1.txt is the location and file name where the information is being saved.
  1. Create a compressed archive of the text files and contact our Symantec technical support via phone or by opening a support case with this information for analysis.