User Tools

Site Tools


network:pix

Cisco PIX commands

VPN

Show the VPN status

To show a (verbose) status of IPSec use:

# show crypto ipsec sa

To show the status of the ISAKMP SAs use:

# show crypto isakmp sa

This will show you the established and active isakmp sessions. The “normal” status for a session is QM_IDLE

To show authenticated users (XAUTH) use:

# show uauth

NAT

Show NAT status

To show the translations use:

#  show xlate

To clear the NAT table use:

# clear xlate interface outside

Traffic capture

access-list captureacl permit tcp host 10.1.1.1 eq 80 host 192.168.0.10
access-list captureacl permit tcp host 10.2.2.2 eq 80 host 192.168.0.10
capture mycapture access-list captureacl packet-length 74 interface outside
!
show capture mycapture
! ...
no capture mycapture
clear configure access-list captureacl
network/pix.txt · Last modified: 2010/05/12 09:29 by ap

Informativa sui cookie