04-24-2025 10:05 PM
Dear Team,
Can anyone help me find a CLI command on Cisco FTD? I want to know, if someone is trying to open an application from a PC, how to check which destination IP and port the source IP is trying to reach. Actually I forgot. There are some commands, like listening to or monitoring the source IP, so that when the end user tries to open the application, we can check on the firewall all the details of the IPs the application is trying to communicate with.
04-24-2025 10:45 PM
@suryaaa try the command "system support firewall-engine-debug" you can filter on the source IP and see the communication.
04-24-2025 11:17 PM
After entering this command it asks "Please specify an Ip protocol "; when I put IPV4, it shows the error invalid protocol IPV4. Please help.
04-24-2025 11:22 PM
@suryaaa that is optional, you can leave it blank (just press enter). Just enter the client IP (source IP); it will also prompt for the client port, server IP and server port, which you can also leave blank if you just want to filter on the source.
04-25-2025 06:30 AM
I entered the source IP address and kept the server IP address blank, but nothing is showing after 2 hours. Many applications are being opened from the source IP, but nothing is showing.
04-25-2025 06:58 AM
Show conn <IP source>
This tells you if the host tries to connect to a specific IP.
Note: you can specify the TCP/UDP port.
MHM