ASA 7.2(4) command change

frabonir
Level 1

Anyone else notice that the latest in the 7.2 ASA code train changed the functionality of one of the most basic of commands? This change was also not documented in the release notes.

We went to this release due to the last round of security issues. This has caused some of our automated scripts to stop functioning.

The command in question is show conn:

We are no longer able to issue a show conn fport or show conn local (etc.).

I have looked at the new command structure and am having a hard time getting the same type of information.

If anyone has any information on how to get the old style information from the new command, please share. I noticed that Cisco hasn't given any conversion information.

Thank you,

Rich

Old Version 7.2(3)

Ciscoasa# sho conn ?

  all       Enter this keyword to show conns including to-the-box and
            from-the-box
  count     Enter this keyword to show conn count only
  detail    Enter this keyword to show conn in detail
  foreign   Enter this keyword to specify foreign IP
  fport     Enter this keyword to specify foreign port
  local     Enter this keyword to specify local IP
  long      Enter this keyword to show conn in long format
  lport     Enter this keyword to specify local port
  protocol  Enter this keyword to specify conn protocol
  state     Enter this keyword to specify conn state
  |         Output modifiers
  <cr>

New Version 7.2(4)

firewall# sho conn ?

  address   Enter this keyword to specify IP address
  all       Enter this keyword to show conns including to-the-box and
            from-the-box
  count     Enter this keyword to show conn count only
  detail    Enter this keyword to show conn in detail
  long      Enter this keyword to show conn in long format
  port      Enter this keyword to specify port
  protocol  Enter this keyword to specify conn protocol
  state     Enter this keyword to specify conn state
  |         Output modifiers
  <cr>


brettmilborrow
Level 1

This is from the Cisco doco for this command:

Command History

Release: 7.0(8)/7.2(4)

Modification: The syntax was simplified to use source and destination concepts instead of "local" and "foreign." In the new syntax, the source address is the first address entered and the destination is the second address. The old syntax used keywords like foreign and fport to determine the destination address and port.

Hope this helps!
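For the automated scripts mentioned in the question, one way to avoid silent breakage is to have the script read the `show conn ?` help text first and check which filter keywords the running image offers. The following is an added example, not code from either poster or from Cisco; the function names are hypothetical and it assumes the script has already captured the help output as text.

```python
import re

LEGACY = {"local", "foreign", "lport", "fport"}  # filter keywords in the 7.2(3) help
CURRENT = {"address", "port"}                    # filter keywords in the 7.2(4) help

# Sample input, abridged from the "show conn ?" output quoted in the thread.
HELP_7_2_3 = """\
Ciscoasa# sho conn ?
  all       Enter this keyword to show conns including to-the-box and
            from-the-box
  foreign   Enter this keyword to specify foreign IP
  fport     Enter this keyword to specify foreign port
  local     Enter this keyword to specify local IP
  lport     Enter this keyword to specify local port
  state     Enter this keyword to specify conn state
  <cr>
"""
HELP_7_2_4 = """\
firewall# sho conn ?
  address   Enter this keyword to specify IP address
  all       Enter this keyword to show conns including to-the-box and
            from-the-box
  port      Enter this keyword to specify port
  state     Enter this keyword to specify conn state
  <cr>
"""

def help_keywords(help_text):
    """Return the keywords offered in 'show conn ?' output."""
    # Only "<keyword> Enter this keyword ..." lines count; the prompt, wrapped
    # description lines such as "from-the-box" and "<cr>" never match.
    pattern = re.compile(r"^[ \t]*([a-z][a-z-]*)[ \t]+Enter this keyword\b", re.M)
    return set(pattern.findall(help_text))

def filter_syntax(help_text):
    """Classify the filter syntax as 'legacy', 'current' or 'unknown'."""
    kw = help_keywords(help_text)
    if LEGACY <= kw:
        return "legacy"
    if CURRENT <= kw and not LEGACY & kw:
        return "current"
    return "unknown"

def unsupported(wanted, help_text):
    """Filter keywords a script relies on that this image does not offer."""
    return sorted(set(wanted) - help_keywords(help_text))

if __name__ == "__main__":
    for name, text in (("7.2(3)", HELP_7_2_3), ("7.2(4)", HELP_7_2_4)):
        print(name, filter_syntax(text), unsupported(["local", "fport"], text))
```

A script that gets "current" or a non-empty unsupported list can stop and alert instead of sending a filter the device rejects, which matters when the output feeds connection monitoring.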
