Re: CBAC - which 'inspect' statement cause the ACL dyn. entry
I don't think you can get that information from a show command atleast, maybe from debugs. But it is usually pretty simple to figure out because the inspect statements are just based on protocols, so all 'tcp' traffic would natually match the tcp inspect statement, except special corner cases like smptp/advanced http etc.
As this topic has come up, there is a hidden command also 'show ip inspect stat' but it also does not show the required information.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...