Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 7.2(4) command change

Anyone else notice that the latest in the 7.2 ASA code train changed the functionality of one of the most basic of commands. This change was also not documented in the release notes.

We went to this release due to the last round of security issues. This has caused some of our automated scripts to stop functioning.

The command in question is show conn :

We are no longer able to issue a show conn fport or show conn local (etc) .

I have looked at the new command structure and am having a hard time getting the same type of information.

If anyone has any information how to get the old style information from the new command please share. I noticed that cisco hasn't given any conversion information.

Thank you,

Rich

Old Version 7.2(3)

Ciscoasa# sho conn ?

all Enter this keyword to show conns including to-the-box and

from-the-box

count Enter this keyword to show conn count only

detail Enter this keyword to show conn in detail

foreign Enter this keyword to specify foreign IP

fport Enter this keyword to specify foreign port

local Enter this keyword to specify local IP

long Enter this keyword to show conn in long format

lport Enter this keyword to specify local port

protocol Enter this keyword to specify conn protocol

state Enter this keyword to specify conn state

| Output modifiers

<cr>

New Version 7.2(4)

firewall# sho conn ?

address Enter this keyword to specify IP address

all Enter this keyword to show conns including to-the-box and

from-the-box

count Enter this keyword to show conn count only

detail Enter this keyword to show conn in detail

long Enter this keyword to show conn in long format

port Enter this keyword to specify port

protocol Enter this keyword to specify conn protocol

state Enter this keyword to specify conn state

| Output modifiers

<cr>

1 REPLY
New Member

Re: ASA 7.2(4) command change

This is from the Cisco doco for this command:

Command History

Release

7.0(8)/7.2(4)

Modification

The syntax was simplified to use source and destination concepts instead of "local" and "foreign." In the new syntax, the source address is the first address entered and the destination is the second address. The old syntax used keywords like foreign and fport to determine the destination address and port.

Hope this helps!

123
Views
0
Helpful
1
Replies
CreatePlease login to create content