11-25-2008 08:57 AM - edited 03-11-2019 07:18 AM
Hi,
Can someone tell me if i need to check the following traffic is being passed on the PIX?
Source: x.x.x.246
destination: 172.18.46.75
what is the command to figure out on PIX?
& also need to check for hits on the access-list for:-
access-list acl-test permit tcp host grp1 host zb-nat object-group tcp_ports
please advise with the appropriate commands to run on PIX.
Thanks in advance.
Vin
11-25-2008 09:04 AM
Vin
"sh conn" will show you all the current connections going through the firewall and you can look for specfic connections -
http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/s2_72.html#wp1179782
"sh access-list acl-test" should show you the hits per line.
Jon
11-25-2008 09:21 AM
appreciate for your timely response.
But can't we use capture command on PIX from source to destination?
11-25-2008 02:44 PM
If you want to capture the actual traffic rather than just see if there is a connection then yes you could use the capture command to actually view the packets.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide