show all protos/ports traversing ASA

lcaruso · ‎10-14-2011

Hi,

Is there a command that will show all protocols and/or ports that have traversed the ASA?

I know show service-policy will show what's being inspected, but I'm looking for something independent of that.

Thanks.

varrao · ‎10-14-2011

Well that really difficult to pull such info from the ASA, because there could be any xyz port or protocol that are being accessed on ASA, I am not sure if thats even possible. Can you just explain your exact requirement and purpose for it.

Varun

Thanks,
Varun Rao

lcaruso · ‎10-14-2011

I was just looking for an alternative to show service-policy. That command is limited by two things

protocols actually being inspected
protocols available for inspection

So my requirement is similar to commands that show all address translation, all tcp connections, etc. except I want to see all protocols traversing the firewall.

I guess show conn is the closet thing?

varrao · ‎10-14-2011

Check:

show xlate

show conn

show conn detail

This might give you a closer information of what you are looking for.

Thanks,

Varun

Thanks,
Varun Rao

lcaruso · ‎10-14-2011

Thanks. I guess netflow would be the best approach then.

Don Jacob · ‎10-19-2011

Yes, NetFlow will be the proper approach to see conversations and protocol details. The NetFlow from ASA, called NSEL, can show pre and post NAT-ed IP Addresses, but not many flow analyzing tools do this.

One tool which has the capability to show this info using ASA NetFlow is ManageEngine NetFlow Analyzer. Try the free edition which can monitor 2 interfaces for your Cisco ASA.

Regards,

Don Thomas

ME - NetFlow Analyzer

Regards, Don Thomas Jacob http://www.solarwinds.com/netflow-traffic-analyzer.aspx Head Geek @ SolarWinds NOTE: Please rate and close questions if you found any of the answers helpful.