02-20-2007 12:14 PM - edited 03-11-2019 02:36 AM
I am trying to figure out how to display TCP connections that were initiated from an outside interface. Maybe I am missing something, but I can't seem to find this in the "show conn" command. I tried the "show conn state conn_inbound", but that just gives me this:
121 in use, 4202 most used
I want to see the connection detail. I also don't see anything in the description of the "flags" output that tells me if the connection were initiated from the outside or the inside. Am I missing something or is there just no way to do this?
Thanks,
-Jeff
Labels: NGFW Firewalls
Accepted Solutions
02-20-2007 12:19 PM
You can find the meaning of flags using this command-
Flags: A - awaiting inside ACK to SYN, a - awaiting outside ACK to SYN,
B - initial SYN from outside, C - CTIQBE media, D - DNS, d - dump,
E - outside back connection, F - outside FIN, f - inside FIN,
G - group, g - MGCP, H - H.323, h - H.225.0, I - inbound data,
i - incomplete, J - GTP, j - GTP data, K - GTP t3-response
k - Skinny media, M - SMTP data, m - SIP media, O - outbound data,
P - inside back connection, q - SQL*Net data, R - outside acknowledged FIN,
R - UDP SUNRPC, r - inside acknowledged FIN, S - awaiting inside SYN,
s - awaiting outside SYN, T - SIP, t - SIP transient, U - up
X - inspected by service module
ASA-5520-CSC-Standalone#
Now .. when you do a "show conn", you'll receive the connections with the Flags at the end of it. In the flags field, if you see "B", it means the connection was initiated from a lower security level interface, i.e., outside to inside.
B - initial SYN from outside
Hope this clears the question.
Regards,
Vibhor.
02-20-2007 12:19 PM
Forgot .. the command to get the meaning of flags is-
show conn detail
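As an added illustration of the two posts above (not code from the thread or from Cisco), here is a small Python parser that filters "show conn" output for the "B" flag, i.e. connections whose first SYN arrived on the outside interface, and separates established ones ("U") from those still in the handshake. The sample lines are constructed, and the field layout (proto, interface, ip:port, interface, ip:port, idle, bytes, flags) is an assumption about the ASA output format.

```python
import re

# Flag legend copied from the "show conn detail" output quoted in the thread
# (only the direction / handshake-state flags, not the full list).
FLAG_LEGEND = {
    "A": "awaiting inside ACK to SYN", "a": "awaiting outside ACK to SYN",
    "B": "initial SYN from outside",   "E": "outside back connection",
    "I": "inbound data",               "i": "incomplete",
    "O": "outbound data",              "P": "inside back connection",
    "S": "awaiting inside SYN",        "s": "awaiting outside SYN",
    "U": "up",
}

# Constructed sample "show conn" lines (not output from the original thread).
# Assumed layout: proto, interface, ip:port, interface, ip:port, idle, bytes, flags.
SAMPLE_SHOW_CONN = """\
121 in use, 4202 most used
TCP outside 203.0.113.7:51544 inside 10.0.0.25:443, idle 0:00:03, bytes 18422, flags UIOB
TCP outside 198.51.100.9:40210 inside 10.0.0.25:22, idle 0:00:00, bytes 0, flags aB
TCP inside 10.0.0.40:52010 outside 93.184.216.34:443, idle 0:00:12, bytes 9381, flags UIO
UDP outside 203.0.113.50:53 inside 10.0.0.53:37812, idle 0:00:01, bytes 412, flags -
"""

CONN_RE = re.compile(
    r"^(?P<proto>TCP|UDP)\s+(?P<if_a>\S+)\s+(?P<addr_a>[\d.]+:\d+)\s+"
    r"(?P<if_b>\S+)\s+(?P<addr_b>[\d.]+:\d+),.*\bflags\s+(?P<flags>\S+)\s*$"
)


def parse_show_conn(text):
    """Turn show conn lines into dicts; the flags field becomes a set of letters."""
    conns = []
    for line in text.splitlines():
        m = CONN_RE.match(line.strip())
        if not m:
            continue  # summary lines such as "121 in use, 4202 most used"
        d = m.groupdict()
        d["flags"] = set() if d["flags"] == "-" else set(d["flags"])
        conns.append(d)
    return conns


def initiated_from_outside(conns):
    """Connections whose first SYN arrived on the lower-security interface (flag B)."""
    return [c for c in conns if "B" in c["flags"]]


def is_embryonic(conn):
    """TCP connection whose handshake has not completed: no 'U' (up) flag yet."""
    return conn["proto"] == "TCP" and "U" not in conn["flags"]


def describe_flags(conn):
    """Expand the flag letters using the legend; unknown letters are kept as-is."""
    return [FLAG_LEGEND.get(f, f) for f in sorted(conn["flags"])]
```

Run against a real "show conn" capture, the B filter answers the original question, and is_embryonic() settles the follow-up: "B" alone says nothing about the handshake, only the absence of "U" does.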
02-20-2007 12:30 PM
Ok, thanks Vibhor! When I read the "B - initial SYN from outside" I took it to mean that this was an embryonic connection (handshake not complete).
