cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
939
Views
0
Helpful
3
Replies

sh log in PIX

CCDECCDE9
Level 1
Level 1

Hi


How can I see the transactions between two hosts that are trying to talk to each other over certain ports .I am trying to find out ports needed to be opened for successful connection .I have tried "sh log" but I do not see those two hosts..The following is the log config I have on this PIX-6.3(5)


logging on
logging monitor errors
logging buffered debugging
logging trap warnings
logging host inside 10.32.1.10

Thanks

3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

CCDECCDE9 wrote:

Hi


How can I see the transactions between two hosts that are trying to talk to each other over certain ports .I am trying to find out ports needed to be opened for successful connection .I have tried "sh log" but I do not see those two hosts..The following is the log config I have on this PIX-6.3(5)


logging on
logging monitor errors
logging buffered debugging
logging trap warnings
logging host inside 10.32.1.10

Thanks

You can use "sh conn ..." to look at what current connections are going through the firewall -

http://www.cisco.com/en/US/docs/security/asa/asa71/command/reference/s2_711.html#wp1113007

Jon

I think I will have to rephrase my problem....

I am trying to see if there are any denials for particular source reaching a specific destination.The problem I have is that I opened up a port 8081 between two hosts A and B  I am told that hostA is not able to communicate with hostB,so I am trying to see if it is using a different port

The sh conn as Jon posted can provide that information .  .

you can also try " show  local-host  "  from cli and be able to see connections in or out from the host and on what ports.

Youc an also load asdm real time log and see the traffic while host A tries to connect to Host be or vice versa.. and be able to see that information.

Other things to check :  Is the HOST listening on port 8081 actually lisening on that port, is it a udp or tcp?

Regards

Jorge Rodriguez
Review Cisco Networking for a $25 gift card