robertson.michael Thu, 09/18/2008 - 06:06
User Badges:
  • Silver, 250 points or more

Hi Kevin,


Take a look at the output of 'show xlate'. This may give you what you are looking for.


From the ASA 8.0 command reference for 'show xlate':


"The following is sample output from the show xlate command. It shows two static translations. The first translation has one associated connection (called "nconns"), and the second translation has four associated connections."


hostname# show xlate

Global 209.165.201.10 Local 209.165.201.10 static nconns 1 econns 0

Global 209.165.201.30 Local 209.165.201.30 static nconns 4 econns 0


http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/s7.html#wp1263940


Hope that helps.


-Mike

Kevin Melton Thu, 09/18/2008 - 06:40
User Badges:

Mike

Thanks for your answer. My dilema is that on this old legacy PIX Firewall, we are currently running only 6.3.4 code. I dont think it has enough memory in it to do very much more than that either.

I thought I had remembered working with a Cisco engineer at some point in the past, and him using a command which showed how many matches there were for successful translations against the STATIC statement. I could be mistaken.

Actions

This Discussion