Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Command to show current connection on a Cisco PIX 501?

Posted on 2007-11-24
4
Medium Priority
?
5,837 Views
Last Modified: 2010-04-21
Hi there.

I want to know the current connections from the LAN to the internet in the PIX 501, getting this info:

1. Origin IP
2. Destiny IP
3. Bandwidth usage

And that's it!

Thanks!
0
Comment
Question by:CaLoFs79
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 11

Expert Comment

by:bsharath
ID: 20344942
0
 

Author Comment

by:CaLoFs79
ID: 20344947
Not really, I have the manual. I configured already.
But now I just want to check the connections.
0
 
LVL 36

Accepted Solution

by:
grblades earned 1000 total points
ID: 20345115
The PIX does not keep track of the bandwidth usage for each connection. The nearest it does is show the number of bytes transferred.

The most usefull command is probably 'show conn' :-
show conn
6 in use, 6 most used
             TCP out 209.165.201.1:80 in 10.3.3.4:1404 idle 0:00:00 Bytes 11391
             TCP out 209.165.201.1:80 in 10.3.3.4:1405 idle 0:00:00 Bytes 3709
             TCP out 209.165.201.1:80 in 10.3.3.4:1406 idle 0:00:01 Bytes 2685
             TCP out 209.165.201.1:80 in 10.3.3.4:1407 idle 0:00:01 Bytes 2683
             TCP out 209.165.201.1:80 in 10.3.3.4:1403 idle 0:00:00 Bytes 15199
             TCP out 209.165.201.1:80 in 10.3.3.4:1408 idle 0:00:00 Bytes 2688
             UDP out 209.165.201.7:24 in 10.3.3.4:1402 idle 0:01:30
             UDP out 209.165.201.7:23 in 10.3.3.4:1397 idle 0:01:30
             UDP out 209.165.201.7:22 in 10.3.3.4:1395 idle 0:01:30

'show xlate detail' gives some more detail about the direction of the traffic :-
3 in use, 3 most used
Flags: D - DNS, d - dump, I - identity, i - inside, n - no random,
       o - outside, r - portmap, s - static
TCP PAT from inside:10.1.1.15/1026 to outside:192.150.49.1/1024 flags ri
UDP PAT from inside:10.1.1.15/1028 to outside:192.150.49.1/1024 flags ri
ICMP PAT from inside:10.1.1.15/21505 to outside:192.150.49.1/0 flags ri
0
 

Author Closing Comment

by:CaLoFs79
ID: 31410836
Thanks
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question