Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
634
Views
0
Helpful
1
Replies

Output from the ASA sho conn command

cisco@crimtan.com
Level 1
Level 1

‎09-26-2018 01:05 AM - edited ‎02-21-2020 08:17 AM

I need some information about the output from the sho conn command on my ASA 5506-X.

 

The output looks like 

 

TCP outside: 64.74.17.129/443 (64.74.17.129/443) inside_2: 192.168.1.10/57595 (62.128.198.254/57595), flags UxIO , idle 11s, uptime 2D23h, timeout 1h0m, bytes 590417, xlate id 0x2aaabc0a0f80

Can anyone tell me what the ip/port numbers in the () mean?

 

For example: 64.74.17.129/443 (64.74.17.129/443)

 

0 Helpful
1 Reply 1

Seb Rupik
VIP Alumni
VIP Alumni

‎09-26-2018 01:18 AM - edited ‎09-26-2018 01:27 AM

Hi there,

That shows a NAT translation. The numbers in the brakcets are post-translation.

 

 

64.74.17.129/443 (64.74.17.129/443)  is the Global-local and (Global-outside)

 

192.168.1.10/57595 (62.128.198.254/57595) is Inside-local and (Inside-outside)

 

Ie, the inside IP 192.168.1.10 has been translated to the outside interface 62.128.198.254 using dynamic NAT

 

cheers,

Seb.

 

https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/4606-8.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card