10-31-2008 06:12 AM - edited 03-11-2019 07:06 AM
Hi,
From Netflow Analyazer I can see a connection from an external IP to my ASA's outside interface that's been going for 2 hours and downloaded 3GB of data so far, how can I kill this conenction? It's a http connection.
Thanks
10-31-2008 06:33 AM
you can shun the connection or perform a "clear
xlate" on that connection
10-31-2008 06:36 AM
Thanks, would do I type after "clear xlate"? if the IP I need to drop is 1.2.3.4?
Thanks
10-31-2008 07:13 AM
clear local-host is good for this also.
10-31-2008 07:23 AM
Thanks, will this drop that single external IP that's comming inbound? I don't want to drop all connections.
Thanks
10-31-2008 07:30 AM
that will drop all active network connections by whichever address you specify:
http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/c3_72.html#wp2046006
10-31-2008 09:36 AM
Why don't you just put up an ACL blocking that IP on the outside interface?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: