How to troubleshoot a network traffic block?

To start troubleshooting in any network, get the source/destination/port details from the requester (user/client/customer). Those details are the basis for your troubleshooting.

Once you have those details, ask them to run tracert (Windows, from the cmd prompt) or traceroute/tracepath (Unix/Linux) and share the output, so that you have a fair idea of the network.

This is how the traceroute looks in Windows and Unix/Linux respectively.

C:\Users\netcybrsecurity> tracert

Tracing route to []
over a maximum of 30 hops:

1 1 ms 1 ms 1 ms
2 5 ms 2 ms 3 ms
3 9 ms 7 ms 8 ms
4 13 ms 12 ms 9 ms
5 22 ms 18 ms 18 ms
6 9 ms 7 ms 8 ms
7 7 ms 7 ms 12 ms
8 18 ms 17 ms 17 ms
9 28 ms 26 ms 28 ms
10 26 ms 28 ms 24 ms
11 18 ms 17 ms 18 ms
12 25 ms 23 ms 22 ms
13 18 ms 17 ms 17 ms
14 22 ms 21 ms 21 ms []

Trace complete.

netcybrsecurity@User-linux:~$ traceroute
traceroute to (, 64 hops max
1 0.002ms 0.164ms 0.211ms
2 1.270ms 1.006ms 0.999ms
3 6.748ms 4.919ms 4.552ms
4 10.136ms 9.578ms 9.068ms
5 19.718ms 15.237ms 18.872ms
6 15.307ms 13.959ms 14.170ms
7 14.653ms 14.170ms 18.276ms
8 11.645ms 9.066ms 10.303ms
9 12.271ms 14.133ms 21.541ms
10 30.471ms 32.881ms 26.592ms
11 26.011ms 23.452ms 21.647ms
12 * * 23.928ms
13 * * 27.712ms
14 22.895ms 24.184ms 20.947ms
15 21.122ms 18.925ms 20.588ms

Then try to understand the network and see whether there is only one firewall or multiple firewalls in the path. Based on that, you will have to allow the source/destination/port details.

Once you understand the network from the traceroute/tracert output, log in to each hop and check whether there is any ACL (Access Control List) or any prefix (in a routing protocol) that might be blocking a specific IP or subnet in the network.

If there is a firewall in the path, check the logging on the firewall. When it comes to firewalls, there are multiple reasons why traffic may be blocked:
1. If the firewall is handling multiple blades/features, it could be the IPS.
2. Asymmetric routing in the network.
3. Most common: a missing firewall ACL/policy.

There is one more important factor: the proxy. Make sure the specific traffic is not traversing any proxy (this scenario depends on the company's infrastructure).
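
For the traceroute step above, an added example (not code from the original post) that parses tracert/traceroute output and separates hops that merely drop some probes, like hops 12 and 13 in the Linux trace, from the point where replies stop entirely. The sample trace with its documentation addresses is constructed, and parse_hops and triage are names chosen for this example.

```python
import re

HOP = re.compile(r"^\s*(\d+)\s+(.*)$")
RTT = re.compile(r"<?\d+(?:\.\d+)?\s*ms\b")
IP = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

# Constructed sample in the Linux layout shown above (documentation
# addresses): hop 3 drops two of three probes, hops 5-7 never answer.
SAMPLE = """\
traceroute to 203.0.113.10 (203.0.113.10), 64 hops max
  1   192.0.2.1  0.402ms  0.164ms  0.211ms
  2   192.0.2.254  1.270ms  1.006ms  0.999ms
  3   * * 198.51.100.1  23.928ms
  4   198.51.100.9  10.136ms  9.578ms  9.068ms
  5   * * *
  6   * * *
  7   * * *
"""

def parse_hops(text):
    """Return (hop, address or None, replies, timeouts) for each hop line."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if not m:
            continue  # banner lines such as "Tracing route to ..."
        rest = m.group(2)
        ip = IP.search(rest)
        hops.append((int(m.group(1)), ip.group(0) if ip else None,
                     len(RTT.findall(rest)), rest.split().count("*")))
    return hops

def triage(hops):
    """Separate lossy-but-forwarding hops from the point where replies stop."""
    answered = [h for h in hops if h[2] > 0]
    last = answered[-1] if answered else None
    last_no = last[0] if last else 0
    return {
        "last_responding_hop": last_no or None,
        "last_responding_addr": last[1] if last else None,
        # Loss followed by a later reply: probes still got through, so this
        # is rate limiting or a silent router, not the blocking device.
        "lossy_but_forwarding": [h[0] for h in hops if h[3] and h[0] <= last_no],
        # First hop after the last reply: where the ACL/log checks begin.
        "silent_from": next((h[0] for h in hops if h[0] > last_no), None),
    }

if __name__ == "__main__":
    print(triage(parse_hops(SAMPLE)))
```

A silent tail only tells you where to begin, since the destination may simply not answer the probes. Confirm on the last responding device and the one after it using their ACLs and firewall logs.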

Feel free to ask any questions in the comments; I will try to answer to the best of my knowledge.
