10-21-2008 12:41 AM
Can someone advise me of commands that will explicitly indicate if a source IP or subnet is arriving on an interface? (The source could be allowed or not allowed.)
10-22-2008 02:47 AM
Do you mean to capture the packets from a particular source once they reach the firewall, or do you want to know IF a packet with this specific source IP would come, will it be allowed through?
For the first you have the capture command on the FWSM AFAIK. For the second command there is no 'automated' process on the FWSM. On the ASA/PIX there is! It's called the 'packet-tracer' command. On the FWSM you can just check the ACL applied on that interface manually.
Regards
Farrukh
11-04-2008 08:53 AM
Dear Farrukh,
Thanks for the reply. The capture command proved useful.
However, I would like to know how to display the details of currently active connections, such as source IP etc...
11-04-2008 09:12 AM
Hi,
Below is the URL that has some useful show commands to monitor the Pix/ASA. Even though the document talks about Pix/ASA, you could use the same commands to monitor the FWSM as well.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009491c.shtml
Regards,
Arul
*Pls rate if it helps*
11-04-2008 09:58 PM
You can use the 'show connection' command for this purpose. It also has some optional keywords like 'detailed' etc.
You can also download an evaluation of fireplotter (fireplotter.com) to get a nice filterable GUI.
Regards
Farrukh