ASA show conn reading and scope

ITforever
Level 1

Hello,

Can someone shed some light on the following questions please?

1. What is the scope of show conn table?

    a. all connections through the ASA

    b. from lower security level to higher security level

    c. from higher security level to lower security level

    d. from/to the same security level 

    e. from/to the same interface

2. How to read the output (who is the source/destination?):

TCP outside 100.1.2.3:443 inside 192.168.1.1:56256, idle 0:02:06, bytes 3678, flags UIOB

Thanks.

1 Reply

mkazam001
Level 3

1. sh conn or sh conn detail (to see flags too) will provide output for ALL TCP/UDP connections currently through the ASA.

Can also use sh conn address IP_ADD or sh conn | inc IP_ADD for a more refined search.

2. The flags provide details for the connection, in this case:

U - up

I - inbound data

O - outbound data

B - initial SYN from outside

I think that means the source is 100. IP & the dest is 192. IP

Hope that helps,

Azam
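As an added example (not part of the original thread), here is a small Python parser for the one-line show conn format quoted in the question. It decodes only the four flags the reply explains, infers the initiating endpoint the way the reply reads flag B, and lists the TCP connections that were initiated from outside. The interface name "outside", the sample lines, and treating "-" as "no flags" are assumptions.

```python
import re
from typing import Optional

# Regex for the single-line "show conn" format quoted in the question.
CONN_RE = re.compile(
    r"^(?P<proto>TCP|UDP)\s+"
    r"(?P<if_a>\S+)\s+(?P<addr_a>[\d.]+):(?P<port_a>\d+)\s+"
    r"(?P<if_b>\S+)\s+(?P<addr_b>[\d.]+):(?P<port_b>\d+),\s+"
    r"idle\s+(?P<idle>\d+:\d{2}:\d{2}),\s+bytes\s+(?P<bytes>\d+)"
    r"(?:,\s+flags\s+(?P<flags>\S+))?\s*$"
)

# Only the four flags the reply explains are decoded; anything else is reported as "unknown".
FLAG_MEANINGS = {"U": "up", "I": "inbound data", "O": "outbound data",
                 "B": "initial SYN from outside"}

def parse_conn_line(line: str) -> Optional[dict]:
    """Return a dict for one show conn line, or None if the line does not match."""
    m = CONN_RE.match(line.strip())
    if not m:
        return None
    d = m.groupdict()
    flags = "" if d["flags"] in (None, "-") else d["flags"]  # "-" assumed to mean no flags
    h, mi, s = (int(x) for x in d["idle"].split(":"))
    a = (d["if_a"], d["addr_a"], int(d["port_a"]))
    b = (d["if_b"], d["addr_b"], int(d["port_b"]))
    rec = {"proto": d["proto"], "a": a, "b": b, "bytes": int(d["bytes"]),
           "idle_seconds": h * 3600 + mi * 60 + s,
           "flags": {f: FLAG_MEANINGS.get(f, "unknown") for f in flags}}
    # Initiator, following the reply's reading: with flag B the first SYN came from outside, so
    # the endpoint on the interface named "outside" (an assumption) is the source; otherwise the other side is.
    outside = [e for e in (a, b) if e[0] == "outside"]
    if outside:
        other = b if outside[0] is a else a
        rec["initiator"] = outside[0] if "B" in flags else other
    else:
        rec["initiator"] = None
    return rec

def outside_initiated(lines) -> list:
    # Records for TCP connections whose flags include B (initial SYN from outside).
    recs = (parse_conn_line(l) for l in lines)
    return [r for r in recs if r and r["proto"] == "TCP" and "B" in r["flags"]]

# Constructed sample output: the question's line plus two made-up lines.
SAMPLE_OUTPUT = [
    "TCP outside 100.1.2.3:443 inside 192.168.1.1:56256, idle 0:02:06, bytes 3678, flags UIOB",
    "TCP outside 100.1.2.4:443 inside 192.168.1.2:50122, idle 0:00:15, bytes 9120, flags UIO",
    "UDP outside 100.1.2.5:53 inside 192.168.1.3:49152, idle 0:00:10, bytes 120, flags -",
]
```

Running `outside_initiated(SAMPLE_OUTPUT)` returns only the first sample line, since it is the only TCP entry carrying the B flag.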
