Solved: ASA show conn - determinate source/dest

SergeyStep · ‎08-01-2017

Please help!

I'm not understand, how determinate source and destination connection in output from show conn

example

UDP PSLAN 192.168.105.107:42920 PSFS 192.168.200.3:161, idle 0:00:06, bytes 237, flags -
UDP PSLAN 172.17.45.34:514 PSCBR 192.168.201.10:49352, idle 0:00:21, bytes 148, flags -

In this

192.168.105.107 send snmp req to 192.168.200.3, and source 192.168.105.107 dest 192.168.200.3

192.168.201.10 send syslog to 172.17.45.34, and source 192.168.201.10 dest 172.17.45.34.

Can i'm determine direction from show conn output?

Aditya Ganjoo · ‎08-01-2017

Hi Sergey,

Yes you are correct.

Since there is no flag information and UDP being connectionless we cannot determine it.

Regards,

Aditya

Please rate helpful and mark correct answers

View solution in original post

Aditya Ganjoo · ‎08-01-2017

Hi Sergey,

Please check the following doc for more clarity:

https://www.tunnelsup.com/understanding-cisco-asa-connection-flags/

https://supportforums.cisco.com/document/87011/asa-connection-flagsdocx

Regards,

Aditya

Please rate helpful and mark correct answers

SergeyStep · ‎08-01-2017

With UDP (connectless) - flags not set, and direction did not determinated.

am I right?

Aditya Ganjoo · ‎08-01-2017

Hi Sergey,

Yes you are correct.

Since there is no flag information and UDP being connectionless we cannot determine it.

Regards,

Aditya

Please rate helpful and mark correct answers