09-17-2007 06:55 PM
Hi everyone,
I just want to know what the command will be to monitor the sessions on the PIX. Like on Juniper Netscreen we use get session src-ip X.X.X.X to get the session details of a particular src-ip to check on which ports it is hitting our firewall. As far as I know, sh conn will help me out with this. Kindly clarify my doubts.
Regards,
Kunal
09-18-2007 06:20 AM
As far as I know, it is show conn, as you said.
" show conn | inc IP_address "
" show conn " will show all connections and the source/destination TCP/UDP ports being hit, either inbound or outbound.
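Added example, not part of any post in this thread: a small Python parser that takes saved "show conn" output and counts which remote ports a given host is hitting, using an exact address match so that 192.168.0.1 does not also pick up 192.168.0.10 the way a plain text filter on the address would. The sample output is constructed in the PIX 6.x line style, and the names SAMPLE, CONN_RE and ports_hit are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the PIX 6.x "show conn" line style (an assumption;
# later releases print interface names and commas, which the regex tolerates).
SAMPLE = """\
5 in use, 12 most used
TCP out 203.0.113.10:80 in 192.168.0.1:1045 idle 0:00:03 Bytes 4312 flags UIO
TCP out 203.0.113.10:443 in 192.168.0.1:1046 idle 0:00:09 Bytes 912 flags UIO
TCP out 203.0.113.10:80 in 192.168.0.1:1050 idle 0:01:10 Bytes 120 flags UIO
TCP out 203.0.113.25:25 in 192.168.0.10:1033 idle 0:00:30 Bytes 77 flags UIO
UDP out 198.51.100.53:53 in 192.168.0.7:1029 idle 0:00:01 flags -
"""

# protocol, interface, ip:port, interface, ip:port
CONN_RE = re.compile(
    r"^(TCP|UDP)\s+(\S+)\s+(\d+\.\d+\.\d+\.\d+):(\d+)"
    r"\s+(\S+)\s+(\d+\.\d+\.\d+\.\d+):(\d+)"
)


def ports_hit(show_conn_text, ip):
    """Count (protocol, peer_ip, peer_port) for connections where `ip`
    is one endpoint. The address is compared as a whole string."""
    hits = Counter()
    for line in show_conn_text.splitlines():
        m = CONN_RE.match(line.strip())
        if not m:
            continue  # header line ("N in use, ...") or unknown format
        proto, _, a_ip, a_port, _, b_ip, b_port = m.groups()
        if a_ip == ip:
            hits[(proto, b_ip, int(b_port))] += 1
        elif b_ip == ip:
            hits[(proto, a_ip, int(a_port))] += 1
    return hits


if __name__ == "__main__":
    for (proto, peer, port), n in ports_hit(SAMPLE, "192.168.0.1").most_common():
        print(f"{proto} {peer}:{port} x{n}")
```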
09-19-2007 08:31 AM
Kunal,
Also, you can use these commands to show detailed TCP/UDP connections by a particular source IP.
"show local-host IP_Address "
"show local-host IP_Address detail "
10-20-2007 10:15 PM
One more way.
Some gentleman shared it with me on a Yahoo Group:
To use the capture command, if for example you would like to capture HTTP traffic from an internal proxy server (IP 192.168.0.1) passing the inside interface:
Create an ACL of what you would like to capture
access-list 100 permit tcp host 192.168.0.1 any eq www
then create the capture
capture "name" access-list 100 interface inside
then once traffic has been generated type sh capture "name"
Regards,
K
10-26-2007 01:20 AM
Kunal
It would work fine, but it's costly in terms of PIX CPU and memory usage, so it's not a good method to see sessions of daily traffic.....
10-26-2007 10:23 AM
Hi Amit,
Yeah, that's true, but as ASDM does not have any function which shows the sessions there itself, we have to use this to see the sessions on the CLI, and after that we can clear the things. Is there any other way around?
Regards,
K
10-26-2007 09:00 PM
You can use the sh conn command with detail and count and other supported commands to clear your result. Let me know if you are querying for any other thing.